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The  difference  between 
networking  and  not  working. 

Some  systems  require  you  to  reconfigure  your  network  infrastructure 
to  match  their  standards.  Not  the  IBM  BladeCenter®  with  Intel®  Xeon® 
processors.  It  offers  a  broad  range  of  networking  technologies— including 
some  of  the  most  advanced  virtualization  solutions  in  the  industry.  So 
you  can  choose  the  one  that  works  best  with  your  infrastructure.  And 
IBM  BladeCenter  can  save  you  up  to  40%  on  networking  costs  versus 
competitive  offerings.1 


Take  10  minutes  to  see  for  yourself. 

Learn  how  you  could  achieve  a  3-month  ROI  on  your  migration 
with  our  Systems  Consolidation  Tool.  Visit  ibm.com/systems/blade 


I.The  40%  cost  savings  are  based  on  a  comparison  of  the  acquisition  costs  of  10  current  generation  HP  rack  optimized  solutions  (i.e,  DL380  G7  Proliant  with 
10  GbE  Ethernet  and  Fibre  Channel  infrastructure)  to  10  current  generation  IBM  BladeCenter  and  HS22  systems  with  converged  fabric  solutions  from  Brocade 
See  www-03.ibm.com/systems/bladecenter/hardware/openlabric/fcoe.html.The  IBM  solution  includes  chassis  infrastructure.  Pricing  utilizes  publicly 
available  pricing  per  port  for  ToR  ethemet  and  FC  switching  infrastructure  as  of  Jan  2011.  The  40%  networking  hardware  costs  savings  result  from  eliminating 
separate  Ethernet  and  Fibre  Channel  cards  and  switches  in  the  deployment  of  an  IBM  BladeCenter  FCoE  solution  for  10  servers  and  associated  networking 
tiardware  in  comparison  to  the  HP  solution.  IBM.  the  IBM  logo,  ibm.com  and  BladeCenter  are  trademarks  of  International  Business  Machines  Corp,  registered 
in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies.  A  current  list  of  IBM  trademarks  is  available 
on  the  Web  at  www.ibm.com/legal/copytradeshtml.  Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  aie  trademarks  of  Intel  Corporation  in  the  U.S.  and  other  countries 
©  International  Business  Machines  Corporation  2011.  All  rights  reserved. 


One 


Charter  Business®  Fiber  Solution  that  offered 
a  smart  alternative  to  critical  connection  uptime. 


When  swelling  bandwidth  demands  caused  bottlenecks  and  interruptions,  the 
director  of  Technology  Services  at  Eagle  Mountain-Saginaw  School  District  turned 
to  Charter  Business  Fiber  Solutions  for  a  faster,  scalable  connection. 

With  a  wholly  owned,  proactively  monitored  network  backed  by  an  enterprise 
support  team  24/7,  we  have  the  intelligence  to  help  schools,  healthcare  facilities, 
financial  institutions  and  businesses  of  every  size  run  at  their  best. 

I  Fiber  Internet 
Data  Networking 
Optical  Ethernet 

Advanced  Voice  Solutions  Learn  more  about  this  story. 


Business 


Charter-Business.com/Technology  |  888.891.1598 


<£'■  2011  Charter  Communications.  Services  may  not  be  available  in  all  areas.  Restrictions  apply.  Call  for  details 
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The  water  pump  alarm 

If  nothing  else,  the  now  disputed  “hacking”  of  an 

Illinois  water  utility  has  brought  the  spotlight  back  on  the 
vulnerability  of  our  national  infrastructure. 

This  subject  goes  in  and  out  of  vogue  in  various  government  circles, 
yet  we  still  seem  to  be  treading  water,  waiting  for  a  real  attack  to  make  us 
serious  about  addressing  the  threat. 

Many  thought  the  early  reports  out  of 
Springfield  on  Nov.  10  were  the  opening 
salvo.  That  day,  the  Illinois  Statewide  Terrorism  &  Intel¬ 
ligence  Center  (STIC)  issued  a  report  titled  “Public  Water 
District  Cyber  Intrusion.” 

The  report  said  someone  in  Russia  had  hacked  into  a 
SCADA  contractor  and  purloined  credentials  that  were 
then  used  to  access  controls  in  Springfield’s  Curran- 
Gardner  Public  Water  District.  By  repeatedly  cycling  a 
pump  on  and  off,  it  was  believed  the  attacker  managed  to 
cause  that  device  to  fail.  (See  story,  page  10.) 

If  true,  the  incident  would  be  the  first  reported  domestic  attack  on  a  utility  from  a 
foreign  land  to  result  in  damage,  and  potentially  portend  more  significant  attacks. 

The  FBI  and  Department  of  Homeland  Security’s  Industrial  Control  Systems 
Cyber  Emergency  Response  Team  (ICS-CERT)  have  since  concluded  there  was 
no  evidence  of  an  attack,  but  the  way  the  whole  incident  unfolded  is  reason 
enough  for  concern. 

Consider  the  glacial  response.  Illinois  issued  the  report  on  a  Thursday.  ICS- 
CERT  didn’t  become  aware  of  it  until  the  following  Wednesday.  If  the  incident  was 
real  —  and  there  was  no  evidence  at  the  time  that  it  was  anything  but  —  shouldn’t 
alarm  bells  have  started  to  ring  upstream  somewhere?  And  while  ICS-CERT  did 
jump  on  some  log  analysis  when  it  finally  became  aware  of  the  event,  it  didn’t  actu¬ 
ally  send  a  team  in  to  investigate  until  many  days  after  that. 

In  the  post  9/11  era,  is  this  adequate?  One  would  think  not  given  that,  one,  the 
very  existence  of  the  ICS-CERT  is  acknowledgement  enough  that  the  threat  is  to  be 
taken  seriously.  And  two,  DHS  acknowledges  there  have  already  been  intrusions. 
Greg  Schaffer,  acting  deputy  undersecretary  of  the  Department  of  Homeland  Secu¬ 
rity’s  National  Protection  and  Programs  Directorate,  was  quoted  in  the  Washington 
Post  saying  the  bad  guys  “are  knocking  on  the  doors  of  these  systems.  In  some 
cases,  there  have  been  intrusions”  (see  the  story  at  tinyurl.com/3nvctar). 

While  this  whole  incident  increasingly  appears  to  have  been  a  false  alarm,  the 
real  alarm  is  our  lackadaisical  response.  Addressing  the  process  for  reacting  to 
events  is  a  lot  easier  than  addressing  the  inadequacies  of  infrastructure  security, 
yet  evidently  we  haven’t  even  gotten  that  right  yet. 

What’s  it  going  to  take  before  the  government  mandates  that  national  infrastruc¬ 
ture  security  is  brought  in  line  with  enterprise  network  security?  Unfortunately,  I 
think  we  all  know  the  answer  to  that. 
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YaCy,  a  new  approach  to  search 

©NOTSUREHOW  well  this  would  work 
with  re-search  (as  opposed  to  “research”) 
(Re:  “Free  software  activists  to  take  on 
Google  with  new  free  search  engine”; 
tinyurl.com/cpvuxlp). 

One  of  the  features  of  Google  search 
that  I  tend  to  rely  on  is  the  consistency  of 
the  results  themselves  and  visual  cues 
that  show  me  which  results  I  have  clicked 
on  in  the  past.  As  a  developer  I  find  that 
I  tend  to  re-search  things  a  lot,  using  the 
Internet  as  a  sort  of  reference  manual. 

I  do  love  the  idea  of  decentralized 
search  on  the  Internet,  however.  I  work 
for  an  online  company  that  lives  (and 
dies)  by  our  Google  rankings.  I  have  stood 
on  my  soapbox  at  many  a  meeting  letting 
management  know  that  we  are  doing 
wrong  by  relying  on  Google  for  so  much 
of  our  success. 

SpottedMarley 

Screen  size  vs.  resolution 

©  NOT  ALL  THAT  worked  up  about  the 
new  iPhone  if  and  when  it  arrives;  frankly, 
I  think  the  3.5-inch  screen  on  the  4  and  4S 
is  great.  The  key  factor  is  screen  (pixel) 
density,  not  necessarily  size,  and  going 
from  3.5  inches  to  4  inches  while  retain¬ 
ing  the  same  resolution  will  just  make 
the  screen  bigger  and 
slightly  grainier  (Re: 

“Apple  prepping  iPhone 
5  with  4-inch  screen 
along  with  redesigned 
MacBook  Pro  in  2012”; 
tinyurl.com/7vj3ys7). 

Now,  the  quadruple- 
resolution  iPad  3  that’s 
been  rumored?  I’ll 
actually  get  in  line  and 
pre-order  that  one. 

crOft 


Waiting  for  ARIN 
to  runout  is  like 
waiting  for  the 
last  horse  to  die 
before  buying 
your  first  car. 


We  are  training  next-generation  mechan¬ 
ics  (IPv6-sawy  engineers  and  develop¬ 
ers).  You  may  feel  nostalgic  for  your  old 
nag,  but  we  in  Asia  will  easily  win  all  the 
races.  The  ARIN  region  is  dead  last  in 
the  world  in  terms  of  percent  of  networks 
with  IPv6  (about  5%  in  2011). 

Soon  enough,  you  will  realize  that 
resistance  is  futile. 

Lawrence  Hughes 

IT's  age  problem 

©  NOTHING  CHANGES  WHEN  you  pass  45. 
If  you  aren’t  prepared,  to  learn  new  things, 
be  cooperative  and  flexible,  work  well 
with  others,  etc.,  then  you’re  going  to  have 
a  tough  time  at  25, 45  or  65  (Re:  “IT’s  age 
problem”;  tinyurl.com/6wlq5uo). 

Personally,  I’ve  found  aging  to  be  a 
bonus  —  my  personal  network  is  large, 
and  I’ve  had  time  to  build  my  reputa¬ 
tion.  I’ve  learned  how  to  overcome  the 
personal  issues  that  I  had  when  younger. 
And  my  skillset  is  growing  —  having 
around  30  years  of  experience  (includ¬ 
ing  a  computer  science  degree)  means  I 
understand  how  these  computer  things 
are  meant  to  work  at  a  fundamental  level. 
The  even  better  news  is  that  computing 
hasn’t  really  changed  that  much  —  in  fact, 
with  the  rise  of  Linux,  it’s  getting  closer 
and  closer  to  the  SVR4 
world  that  I  started  my 
working  life  in. 

Leslie  Giles 


Egging 

IPv6  adoption 

©  WE  IN  ASIA  are  mystified  by  the  resis¬ 
tance  of  U.S.  network  professionals  to 
IPv6.  IPv4  was  a  great  technology,  but  it 
has  outlived  its  usefulness  (Re:  “Hackers 
target  IPv6”;  tinyurl.com/cl7zeqe). 

Waiting  for  ARIN  to  run  out  is  like 
waiting  for  the  last  horse  to  die  before 
buying  your  first  car.  The  rest  of  the  world 
is  now  learning  to  drive  these  cool  new  car 
thingies  and  building  roads  and  filling 
stations  for  them  (IPv6  infrastructure). 


CS  degrees  pay  off 

©I  TEACH  SCIENCE 

courses  at  a  four- 
year  university.  Our 
program  is  difficult 
(about  30%  finish),  but 
all  of  our  computer 
science  graduates 
get  jobs.  Most  of 
them  have  accepted 
offers  before  graduation  (Re:  “Hottest 
major  on  campus?  Computer  science”; 
tinyurl.com/7g68get).  We  actually  don’t 
encourage  additional  companies  to  come 
to  campus  and  interview  because  there 
aren’t  enough  students  to  go  around. 
There  is  too  much  employer  demand  and 
not  enough  students  are  going  through 
the  pipeline.  The  most  recent  official  data 
showed  that  there  is  a  3:1  ratio  of  job  open¬ 
ings  vs.  people  to  fill  them  in  this  area. 

Ray  Pettit 
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Cisco  data 
center forecast 
very  cloudy 

GLOBAL  CLOUD  computing 
traffic  will  grow  12-fold  from 
now  to  2015,  according  to  a 
new  Cisco  study.  The  growth 
represents  a  66%  compound 
annual  rate,  from  130  exabytes 
to  1.6  zettabytes,  which  is  the 
equivalent  of  22  trillion  hours  of 
streaming  music,  or  1.6  trillion 
hours  of  online  high-definition 
video  streaming.  Cloud  is  the 
fastest  growing  component  of 
data  center  traffic,  which  itself 
will  grow  fourfold  at  a  33% 
compounded  annual  rate  to 
reach  4.8  zettabytes  annually  by 
2015.  Cloud  is  estimated  today 
to  be  11%  of  data  center  traffic, 
growing  to  more  than  33%  of  the 
total  by  2015.  Greater  virtualiza¬ 
tion  and  improved  economies 
of  scale  will  be  key  drivers  of 
the  cloud  transition,  Cisco 
says  .tinyurl.com/csd8xvk 


A  spy  in  your  ear 


CARRIER  IQ  LAST  week  denied  that  its  embedded  smart¬ 
phone  application  records,  stores  or  transmits  personal  user 
information.  A  number  of  programmers  have  been  trying  to 
figure  out  how  Carrier  IQ’s  software  actually  works  and  what 

information  it  accesses  following 
blog  posts  by  a  systems  adminis¬ 
trator  named  Trevor  Eckhart  that 


peer  review.  AT&T  and  Sprint  say 
their  mobile  phones  integrate  Carrier  IQ,  but  insist  the  software 
is  used  to  improve  wireless  network  performance.  HTC  and 
Samsung  said  they  were  integrating  the  software  into  their 


purportedly  show  the  CIQ  applica¬ 
tion  was  logging  keystrokes  and  SMS 
messages  contents.  Eckhart  sparked 
the  controversy,  even  though  his 
analysis  has  received  almost  no 


handsets  only  because  their  carrier  customers  were  asking  for 


cal  networks 


it.  Apple  said  it  included  the  Carrier  IQ  software  in  earlier  version 
of  its  iOS  firmware  for  devices,  but  dropped  the  code  from  iOS 
5.  Verizon,  RIM  and  Nokia  insist  that  reports  about  their  devices 
integrating  the  tool  are  false,  tinyurl.com/caot9k8 


IE  FCC  last  week  gave 
the  nod  for  use  of  wireless 
networks  of  microstimula¬ 
tors  to  treat  paralysis  and 

other  conditions.  The  agency  gave  medical  micropower 
networks  (MMN)  four  blocks  of  the  400MHz  spectrum 
despite  opposition  from  broadcast  engineers  concerned 
about  interference.  Microstimulators  implanted  next 
to  nerves  can  stimulate  those  nerves  through  electrical 
charges,  causing  muscles  to  contract  and  limbs  to  move. 
MMNs  can  link  dozens  of  those  stimulators  to  devices 
that  take  in  signals  from  the  human  nervous  system, 
bypassing  areas  of  the  nervous  system  that  have  been 
impaired  by  strokes  or  spinal  cord  or  brain  injuries. 
tinyurl.com/cg3g5az 
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Chrome  takes 
No.  2  browser  spot 
from  Firef  ox 


GOOGLE’S  CHROME 

has  narrowly  over¬ 
taken  Mozilla’s  Firefox 
as  the  second  most  popular 
desktop  browser  behind  Micro¬ 
soft’s  Internet  Explorer,  which  is 
holding  onto  its  market-leading 
share,  according  to  one  Web 
analytics  firm.  StatCounter’s 
monthly  statistics  for  November 
show  IE  in  the  lead  with  40.63% 


■m 


Rubik’s  Cube 
competition 
helps  kids  learn 
algorithms 

High  schools  and  middle 
schools  recently  worked  in 
teams  to  solve  the  cube  as 
quickly  as  possible,  learn¬ 
ing  memorization  skills  and 
other  teamwork  concepts. 
tinyurl.com/cfbzn4t 


of  the  global  market,  followed 
by  Chrome  with  25.69%,  Firefox 
with  25.23%,  Safari  with  5.92% 
and  Opera  with  1.82%.  While 
Chrome  for  the  first  time  sur¬ 
passed  Firefox  on  a  global  basis, 
that’s  not  the  case  in  the  U.S., 
where  Firefox  (20.09%)  retains 
a  lead  over  Chrome  (17.3%). 
tinyurl.com/cy3pw43 

Office  365 
on  a  roll 

OFFICE  365  is  poised  to  be  one 
of  Microsoft’s  fastest-growing 
products  ever.  The  cloud 
collaboration  and  communica¬ 
tion  suite  is  selling  eight  times 
faster  than  its  predecessor,  the 
Business  Productivity  Online 
Suite  (BPOS),  and  has  been 
particularly  successful  among 
small  businesses,  which  make 
up  more  than  90%  of  Micro¬ 
soft’s  customer  base.  Last  week 
Microsoft  said  it’s  making 
Office  365  available  to  try  in 
22  new  markets,  including 
Argentina,  Taiwan  and  South 
Africa,  as  well  as  rolling  out 
more  than  30  product  enhance¬ 
ments  to  the  suite.  Launched  in 
June,  Office  365  includes  online 
versions  of  Exchange,  Share- 
Point,  Office  and  Lync  hosted  in 
Microsoft  data  centers,  and  is 
priced  on  a  per  user,  per  month 
subscription  basis,  tinyurl. 
com/cbxutka 
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Cisco  to  introduce  larger  Cius  tablet  next  year 


BYAGAM  SHAH,  IDG  NEWS  SERVICE 

IN  THE  first  half  of  next  year  Cisco  will 
release  a  tablet  with  a  larger  screen  than  the 
current  Cius,  the  first  move  in  the  company’s 
long-term  plans  to  introduce  tablets  in  mul¬ 
tiple  sizes,  an  executive  said  last  week. 

The  new  tablet  will  be  released  around 
the  spring  season  in  the  U.S.,  and  the  screen 
size  will  be  larger  than  the  7-inch  screen  on 
the  current  Cius  tablet  (pictured  right),  says 
Chuck  Fontana,  director  of  Cius  product 
management  at  Cisco. 

“We’re  still  working  through  the  details  of 
the  exact  form  factor,”  Fontana  says. 

The  company  is  looking  at  multiple  screen 
sizes,  but  a  lot  of  research  is  around  tablets 
with  10-inch  to  11-inch  screens,  Fontana 
says.  Cisco  is  also  looking  at  smaller  Android 
devices  with  3.5-inch  to  5-inch  screens  from 
where  users  can  access  videoconferencing, 
collaboration  and  virtual  desktop  tools. 

After  delays  and  a  long  trial  run,  Cis¬ 
co’s  Cius  tablet  start  shipping  in  July  and 
is  targeted  at  businesses.  The  tablet  has 
Google’s  Android  2.2  OS  and  Intel’s  mobile 
processor. 

Cius  is  priced  at  $725,  higher  than  the  iPad 
2,  which  is  priced  starting  at  $499.  The  tablet 
is  not  available  in  retail  stores  and  competes 
with  business  tablets  such  as  HP’s  Slate  2, 
which  has  an  8.9-inch  screen,  and  Dell’s  Lati¬ 
tude  ST,  which  has  a  10-inch  screen. 

Fontana  described  Cius  as  an  “endpoint” 
device  that  can  be  used  as  a  virtual  desktop 
or  as  a  mobile  device  for  communication  or 
collaboration.  The  device  works  with  Cisco’s 
TelePresence  videoconferencing  system, 
WebEx  tools  and  other  applications  includ¬ 
ing  Quad,  a  collaboration  tool  also  available 
for  the  iPad  and  iPhone.  Virtualization  soft¬ 
ware  from  VMware  and  Citrix  allows  the 
tablet  to  run  a  virtualized  Windows  desktop. 
The  tablet  also  provides  access  to  Android 
Market  and  Cisco’s  AppHQ. 

Cisco  is  also  working  with  Intel  to  upgrade 
the  current  Cius  to  Google’s  Android  4.0,  and 
the  new  08  can  be  expected  by  fall,  Fontana 
said.  He  declined  comment  on  whether  the 
new  larger  screen  tablet  would  come  with 
Android  4.0. 

There  are  no  current  plans  to  put  Micro¬ 
soft’s  upcoming  Windows  8  in  the  Cius 
tablet. 

Use  of  the  Cius  is  growing  in  the  enterprise 
as  applications  move  to  the  cloud  and  busi¬ 
nesses  increasingly  find  ways  to  use  tablets, 
Fontana  says.  There  is  a  demand  for  larger 
screens,  so  one  of  Cisco’s  immediate  focus  is 


to  upgrade  its  tablet  lineup. 

Larger  screens  are  useful 
in  businesses,  especially 
in  dealing  with  rich  media 
and  for  those  who  want 
wider  screens  but  don’t 
have  a  dock  or  a  monitor, 

Fontana  says.  It  will  be  pos¬ 
sible  to  dock  larger-screen 
Cius  devices  on  desktop 
phones,  and  will  provide  a 
PC-like  experience  via  secure  access  to  vir¬ 
tual  desktops  hosted  on  servers. 

“Some  people  don’t  want  a  device  that’s 
more  mobile,  they  want  something  that’s  an 
endpoint  that’s  both  a  videophone  and  a  vir¬ 
tual  desktop,”  Fontana  says. 

Smaller  devices  with  3.5-inch  to  5-inch 
screens  are  also  under  consideration, 


Fontana  said.  These  devices 
could  resemble  smart¬ 
phones  in  size,  but  will 
be  smaller  cousins  of  the 
larger  tablets,  with  access 
to  enterprise  collaboration, 
communication  and  virtual 
desktop  tools. 

For  instance,  smaller- 
screen  Cius  devices  could 
resemble  smartphones  and 
be  alternatives  to  older  devices  like  Cisco’s 
old  IP  phones  which  are  currently  popular 
portable  devices  for  voice  and  video. 

The  company  this  week  introduced  a 
model  of  its  current  Cius  7-inch  device  for 
AT&T’s  4G  network.  The  company  will 
also  introduce  a  Cius  for  Verizon’s  LTE 
network.  IS 


RIM  to  offer  multiplatform 
device  management 


BY  STEPHEN  LAWSON,  IDG  NEWS  SERVICE 

RESEARCH  IN  Motion  is  taking  on 
mobile  device  management  for  Android 
and  Apple  iOS  devices  as  well  as  its  own 
products,  introducing  last  week  the  Black- 
Berry  Mobile  Fusion  product. 

BlackBerry  Mobile  Fusion  is  designed 
to  simplify  the  management  of  phones  and 
tablets  that  run  RIM’s  current  BlackBerry 
OS  and  the  emerging  BBX  platform,  which 
is  based  on  the  QNX  software  that  cur¬ 
rently  powers  RIM’s  PlayBook  tablet.  But 
Mobile  Fusion  will  also  manage  devices 
using  the  two  biggest  mobile  operating 
systems,  Android  and  iOS. 

The  growing  number  of  corporate  and 
employee-owned  mobile  devices  poses  a 
challenge  for  enterprises  that  want  to  let 
employees  choose  their  own  devices,  while 
making  sure  sensitive  data  remains  secure 
and  business  applications  uncorrupted. 
Numerous  vendors  have  weighed  in  with 
tools  to  handle  these  tasks,  including  Syb¬ 
ase,  Zenprise  and  FiberLink.  But  RIM, 
which  largely  introduced  mobile  devices  to 
large  enterprises  and  is  still  a  major  player 
in  this  market,  has  not  managed  other  ven¬ 
dors’  devices. 

When  companies  allow  employees  to 
bring  their  own  smartphones  and  tablets 


into  corporate  offices  and  to  use  them  for 
work,  they  can  no  longer  dictate  a  standard 
platform  and  build  a  device  management 
strategy  around  it.  Managing  those  diverse 
fleets  of  devices  has  fallen  mostly  to  third 
parties  rather  than  mobile  platform  pur¬ 
veyors  themselves. 

Because  of  its  long  enterprise  experience 
and  reputation  for  security,  RIM  may  be 
better  suited  than  its  mobile  OS  rivals  to 
dive  into  mobile  management  as  a  business. 
But  the  company  also  is  strongly  motivated 
to  make  its  customers  happy,  as  sales  of  its 
smartphones  decline  and  shipping  dates  for 
some  products  slip.  Version  2.0  of  its  Play- 
Book  operating  system,  originally  expected 
in  October,  now  is  set  for  delivery  in  the  first 
quarter  of  next  year.  The  company  hasn’t 
even  given  a  firm  date  for  availability  of  the 
first  smartphones  based  on  QNX. 

Other  big  mobile  OS  vendors  are  making 
strenuous  efforts  to  capture  market  share 
from  RIM  in  enterprises.  With  its  planned 
purchase  of  Motorola  Mobility,  Google  will 
also  acquire  3LM,  which  makes  software  to 
secure  all  the  apps  on  an  Android  phone. 
The  3LM  software  is  already  built  into  the 
entire  phone  lineups  of  a  dozen  handset 
makers.  Motorola  said  last  month.  Apple 
has  steadily  added  enterprise-friendly  fea¬ 
tures  to  iOS,  too.  ■ 
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America’s  critical  infrastructure  security 
response  system  is  broken 


Anatomy  of  a  SCADA  attack 

Supervisory  control  and  data  acquisition  (SCADA)  networks  are  set  up  to 
gather  telemetry  data  from  automated  devices  on  networks  and  to  issue 
commands  to  them.  This  diagram  shows  the  widespread  general  threat 
posed  by  the  Internet  to  these  networks,  most  of  which  were  designed  to 
operate  in  isolation  and  so  are  lacking  in  security  and  forensics. 


o 

The  business  entity  -  water 
company,  electric  supplier, 
chemical  plant -connects 
its  LAN  to  the  Internet  for 
general  business  purposes. 


Access  to  the  SCADA  network 
via  the  same  LAN  enables 
workers  to  monitor,  manage, 
gather  data  from  and  issue 
commands  to  automated 
devices  on  the  SCADA 
network. 


© 

Internet  hackers  who  infiltrate 
the  LAN  could  access  SCADA 
controls  and  issue  commands 
to  the  automated  devices  with 
the  intent  of  overheating  pumps 
so  they  fail,  opening  and  closing 
valves  to  cause  spills,  throwing 


Business/utility  LAN 


SCADA  control 
platform 


Network  of  pipes,  electric  towers, 
water  tanks,  etc. 


BYELLENMESSMER 

THE  FLAP  over  the  reported  water  util¬ 
ity  hack  in  Illinois  begs  the  question:  Is  the 
reporting  system  that  the  U.S.  has  set  up  to 
identify  cyberattacks  on  critical  infrastruc¬ 
ture  broken  and  in  need  of  rethinking? 

Since  the  year  2000,  the  Department 
of  Homeland  Security  (DHS)  has  encour¬ 
aged  states  and  cities  to  establish  so-called 
“fusion  centers”  to  operate  under  local  con¬ 
trol  and  collect  information  from  the  likes  of 
power  companies  and  water  utilities  about 
incidents  that  might  have  national-security 
implications. 

There  are  now  72  of  these  fusion  centers  in 
the  U.S.,  which  vary  in  their  practices,  accord¬ 
ing  to  DHS.  When  one  of  them,  the  Illinois 
Statewide  Terrorism  and  Intelligence  Center 
(STIC),  issued  a  brief  report  on  Nov.  10  titled 
“Public  Water  District  Cyber  Intrusion,”  it  led 
to  a  firestorm  of  controversy,  putting  what  has 
been  a  secretive  reporting  system  in  the  harsh 
glare  of  the  public  spotlight,  and  highlighting 
the  intrinsic  weakness  in  the  way  the  U.S.  crit¬ 
ical-infrastructure  incident  reporting  system 
works  today. 

The  Illinois  STIC  report  said  there  had 
been  a  cyberattack  from  Russia  on  a  SCADA 
(supervisory  control  and  data  acquisition) 
system  used  by  an  unnamed  Illinois  water- 
supply  company  to  control  its  water  pumps, 
leading  to  the  burnout  of  a  pump  as  it  was 
repeatedly  turned  on  and  off.  In  addition, 
the  STIC  report  said  an  unnamed  informa¬ 
tion  technical  services  company  looking  at 
the  SCADA  system  believed  the  hackers  had 
been  going  after  the  SCADA  system  for  sev¬ 
eral  months,  trying  to  get  user  names  and 
passwords. 

The  STIC  report  was  sent  on  to  the  DHS 
for  its  review,  which  DHS  says  is  the  usual 
process.  But  the  DHS’  Industrial  Control  Sys¬ 
tems  Cyber  Emergency  Response  Team  (ICS- 
CERT)  later  said  it  was  only  “made  aware  of” 
the  report  on  Nov.  16. 

The  report,  shared  among  those  associ¬ 
ated  with  the  Illinois  STIC,  was  expected  to 
remain  confidential.  But  the  operator  of  a  util¬ 
ity  company  associated  with  the  Illinois  STIC, 
who  was  troubled  by  this  report  and  look¬ 
ing  for  advice,  shared  it  with  a  well-known 
energy-industry  consultant,  Joe  Weiss,  head 
of  Applied  Control  Solutions. 

When  Weiss  mentioned  the  report  in  his 


blog  a  media  firestorm  ensued,  with  the  Wash¬ 
ington  Post  and  other  news  sources  describing 
it  as  perhaps  the  most  significant  cyberattack 
on  U.S.  critical  infrastructure. 

Once  the  media  blitz  erupted,  the  DHS 
and  FBI  took  to  publicly  describing  how,  in 
coordination  with  ICS-CERT,  they  had  sent 
a  team  off  to  the  Illinois  water  facility.  The 
feds  were  the  first  to  name  it  as  the  Curran- 
Gardner  Townships  Public  Water  District  in 
Springfield,  Ill.,  which  serves  just  over  2,000 
customers. 

ICS-CERT  on  Nov.  23  issued  a  bulletin  that 
said  once  it  had  received  the  Illinois  STIC 
report  on  Nov.  16,  the  organization  “reached 
out  to  the  STIC  to  gather  additional  informa¬ 
tion.  ICS-CERT  was  provided  with  a  log  file; 
however,  initial  analysis  could  not  validate 
any  evidence  to  support  the  assertion  that  a 
cyber  intrusion  had  occurred.” 

Curran-Gardner  itself  declines  to  discuss 
the  matter,  but  the  DHS  and  FBI  now  says, 


“After  detailed  analysis,  DHS  and  the  FBI 
have  found  no  evidence  of  a  cyber  intru¬ 
sion  into  the  SCADA  system  of  the  Curran- 
Gardner  Public  Water  District  in  Springfield, 
Illinois.” 

The  Washington  Post  reported  that,  too,  and 
later  quoted  unidentified  sources  saying  the 
remote  SCADA  access  was  from  an  unnamed 
contractor  for  Curran-Gardner  that  happened 
to  be  in  Russia  at  the  time. 

That  contractor,  Jim  Mimlitz,  founder  and 
owner  of  Navionics  Research,  has  now  come 
forward  and  publicly  said  he  was  in  Russia  on 
vacation  in  June  and  logged  into  the  SCADA 
system  at  the  request  of  Curran-Gardner.  He 
said  he  didn’t  mention  to  Curran-Gardner  he 
was  on  vacation  in  Russia. 

It  is  unclear  how  that  activity  in  June 
came  to  be  perceived  as  a  November  hacking 
attempt  in  the  Illinois  CERT  report,  which 
Weiss  read  verbatim  to  Network  World.  The 
report  is  thin  on  details  about  the  supposed 
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intrusion,  the  problems  with  the  SCADA 
system  and  what  actually  happened. 

The  DHS  ultimately  concluded:  “There 
is  no  evidence  to  support  claims  made  in 
initial  reports  —  which  were  based  on  raw, 
unconfirmed  data  and  subsequently  leaked 
to  the  media  —  that  any  credentials  were 
stolen,  or  that  any  vendor  was  involved  in 
any  malicious  activity  that  led  to  a  pump 
failure  at  the  water  plant.  In  addition,  DHS 
and  the  FBI  have  concluded  that  there  was 
no  malicious  traffic  from  Russia  or  any  for¬ 
eign  entities,  as  previously  reported.” 

But  the  DHS  does  add:  “Analysis  of  the 
incident  is  ongoing  and  additional  relevant 
information  will  be  released  as  it  becomes 
available.” 

Several  security  experts  say  they  find 
it  reprehensible  that  a  SCADA  contrac¬ 
tor  would  remotely  access  a  U.S.  facility’s 
SCADA  system  from  Russia. 

“It’s  without  question  a  poor  security 
practice,  probably  the  most  distressing 
information  out  of  this  investigation,” 
says  Andre  Eaddy,  director  of  cybersecu¬ 
rity  portfolio  solutions  at  Unisys.  “Most 
organizations  would  limit  access  inbound 
and  outbound  to  certain  countries,  espe¬ 
cially  to  certain  countries  like  Russia  or 
China.”  That’s  because  there  are  so  many 
malware-related  attacks  associated  with 
them  that  it  isn’t  worth  the  risk,  and  even 
taking  a  laptop  with  contractor  informa¬ 
tion  there  would  not  be  considered  good 
security,  he  says. 

“It  is  shocking”  a  contractor  would 
directly  access  a  SCADA  system  from  Rus¬ 
sia,  Weiss  says.  But  the  bigger  problem  is 
that  “we  have  no  control  system  forensics 
and  logging,”  meaning  it  is  hard  to  get  an 
accurate  picture  of  what  happened  and 
where  and  when  it  happened  after  any  type 
of  suspected  breach. 

Weiss  says  the  entire  episode,  in  which 
the  Illinois  STIC  fusion  center  issued  a 
very  direct  report  that  gave  no  indication 
it  was  preliminary  or  unproven  and  which 
had  such  explosive  information,  shows 
how  broken  the  U.S.  critical-information 
reporting  system  is. 

“What  Illinois  put  out  is  scarier  than 
hell,”  he  says.  It’s  hard  to  understand  how 
it  could  be  a  week  or  longer  for  ICS-CERT, 
DHS  and  the  FBI  to  step  in  and  say  the 
report  was  wrong.  He  also  points  out  that 
the  various  fusion  centers  all  report  dif¬ 
ferent  things  that  seem  to  circulate  only 
locally  before  information  goes  on  to  DHS 
in  Washington.  He  wonders  why  fusion 
centers  put  out  reports  without  making  it 
clear  they’re  not  considered  validated. 


Weiss  thinks  the  Water-ISAC,  a  group 
coordinated  by  the  federal  government 
and  the  water  utilities  to  share  informa¬ 
tion,  should  have  been  informed  about  the 
Illinois  STIC  report. 

Some  in  industry  think  Weiss  stepped 
out  of  bounds  to  have  even  publicly  men¬ 
tioned  the  Illinois  STIC  report,  but  Weiss 
says  he  doesn’t  have  any  official  connection 
to  it  and  is  under  no  particular  obligation  to 
keep  the  document  confidential. 

On  Nov.  23,  ICS-CERT,  which  works 
within  DHS,  issued  a  security  advisory 
about  the  “Illinois  Pump  Failure  Report.” 

Without  mentioning  Weiss  by  name, 
ICS-CERT  pointed  out  the  impact  that  pub¬ 
lic  discussion  had  on  its  usual  processes, 
which  are  typically  secret.  “Publicly  dis¬ 
closing  affected  identity  names  and  inci¬ 
dent  information  is  highly  unusual  and  not 
part  of  ICS-CERT’s  normal  incident  report¬ 
ing  and  triage  procedures.  In  this  particu¬ 
lar  case,  because  unconfirmed  information 
had  already  been  leaked  to  the  public,  ICS- 
CERT  and  the  asset  owner/operator  felt  it 
was  in  the  best  interest  of  the  community 
to  collaboratively  analyze  all  available  data 
and  disclose  some  of  the  findings.” 

DHS  sources  say  the  general  assumption 
about  the  fusion  centers  is  that  they  are 
simply  places  for  gathering  information 
and  that  DHS  is  the  ultimate  authority  for 
the  validation  of  that  information.  Fusion 
centers  include  not  just  critical  infrastruc¬ 
ture  companies  but  private-sector  partners 
as  well.  For  instance,  Cisco  says  it  belongs 
to  many  of  the  fusion  centers  and  would 
immediately  supply  information  to  them 
if  a  serious  malicious  attack  was  detected. 

DHS  provides  some  funding  to  the 
fusion  centers  through  FEMA  grants, 
but  expects  the  state  and  local  authorities 
sponsoring  a  center  to  carry  the  basic  fis¬ 
cal  and  management  responsibility.  DHS 
acknowledges  the  fusion  centers  vary  sig¬ 
nificantly  in  their  activities  and  practices, 
though  since  2008  there  has  been  a  push 
to  try  to  establish  basic  guidelines  and 
common  toolsets. 

However,  DHS  at  this  point  isn’t  able  to 
explain  exactly  what  anomalies  or  security 
incidents  critical  infrastructure  companies 
are  required  to  report. 

“Right  now,  it’s  not  a  good  model,”  says 
Gartner  analyst  John  Pescatore  of  the 
fusion  centers.  Not  only  could  the  intel¬ 
ligence-gathering  function  be  improved, 
but  there  should  be  more  “proactive  infor¬ 
mation  coming  from  the  other  way”  that 
would  help  private  industry  definitely 
know  about  real  threats.  ■ 
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Citrix  supports  more  workers  with  lower  budget 


Citrix  CIO  Paul  Martine  is  the  poster  child  for 
everything  that  Citrix  markets  to  other  CIOs. 

From  server  and  desktop  virtualization  to  cloud 
computing  and  consumerization,  Martine  is  an 
early  adopter  of  the  entire  Citrix  product  line. 

As  a  result,  he  says  he  has  been  able  to  slash 
millions  of  dollars  from  his  IT  budget  while 
supporting  25%  more  employees  added  during  the  last  18  months.  Network 
World  Senior  Editor  Carolyn  Duffy  Marsan  recently  interviewed  Martine  to 
get  the  details.  Here  are  excerpts  from  that  conversation: 


How  are  you  reorganizing 
your  IT  department  as  you 
centralize,  virtualize  and  adopt 
cloud-based  applications? 

When  we  look  at  software  as  a  service,  we’re 
looking  for  applications  that  can  meet  our 
technical  requirements  and  are  a  benefit  to  us 
in  terms  of  reduction  of  costs  or  speed  to  mar¬ 
ket.  We  still  run  some  applications  in-house. 
We  use  SAP  for  financials,  supply  chain  and 
the  HR  portal.  There  was  a  talent  manage¬ 
ment  project  underway  where  we  looked  at 
building  it  in  SAP  or  going  with  a  SaaS  pro¬ 
vider,  and  we  actually  went  with  the  SaaS 
provider.  We  use  a  SaaS  application  called 
Authoria  [now  re-branded  as  Peoplefluent] 
to  deliver  that  application  to  the  whole  com¬ 
pany  ...  as  if  it  were  written  to  our  own  SAP 
portal.  For  us,  it  was  less  expensive  and  faster 
to  market  to  use  SaaS,  which  is  a  complement 
to  the  premises-based  applications. 

You  have  to  really  look  at  the  SaaS  applica¬ 
tion  and  can  it  meet  those  criteria  of  security, 
compliance,  reliability,  resilience  and  con¬ 
tinuity  and  complement  a  premises-based 
application.  Out  of  125  applications  we  run,  25 
are  Web  or  SaaS  applications.  When  we  find 
those  SaaS  applications  that  are  a  benefit  as 
a  stand-alone  like  Salesforce.com  that  we  use 
for  lead  management  and  sales,  we  integrate 
them  into  our  other  applications. 


where  [an  application  is]  delivered  from  as 
long  as  it  meets  all  of  our  requirements. 

How  has  the  shift  to  SaaS  affected 
your  staffing  levels  and  the 
expertise  you  need  in-house? 

The  expertise  we  need  is  still  the  same.  Those 
writing  integration  code  and  those  support¬ 
ing  our  colo  architecture  remain  the  same 
skills,  but  they  are  integrating  applications 
that  are  not  sitting  in  our  data  centers.  From 
the  application  development  team,  there  are 
subtle  differences.  They  are  not  developing 
that  application.  They  are  working  with  the 
SaaS  project  team  to  get  their  application  up 
and  running.  They  are  no  longer  managing 
contractors  doing  development  work  because 
the  development  work  is  already  done.  We 
want  to  deliver  SaaS  applications  as  close  to 
out-of-the-box  as  possible. 

How  has  the  size  and  structure 
of  your  IT  department  changed 
over  the  last  24  months? 

It’s  gotten  a  little  bit  smaller.  Our  application 
development  team  is  about  150  people.  The 
infrastructure  side  is  about  150  people.  We’ve 
probably  shrunk  by  25  or  26  people  over  the 
last  few  years.  We’ve  also  done  virtualization 
around  the  desktop,  so  now  we  are  deliver¬ 
ing  desktops  from  the  data  center.  I  took  the 
desktop  engineering  team,  and  some  of  them 
moved  into  the  data  center  team.  We’ve  really 
been  able  to  manage  virtual  desktops  out  of 
the  data  centers.  We’ve  built  little  storefronts 
—  think  of  them  as  Apple  Genius  bars  —  and 
we  placed  them  in  high-traffic  areas  in  our 
main  locations  to  provide  users  with  walk-in 
help.  If  somebody  has  a  problem  with  an  iPad, 
a  smartphone  or  a  laptop,  they  can  get  one-on- 
one  interaction  from  our  people.  Users  seem 
to  like  that  a  lot  better. 


What  metrics  are  you  using 
to  track  how  your  movement 
to  SaaS  applications  is 
benefitting  the  company? 

One  of  the  main  metrics  we  use  is  the  number 
of  employees  we  support.  Citrix  has  6,800 
employees  worldwide;  1,400  of  them  we 
hired  in  the  last  18  months.  When  I  look  at  my 
overall  costs  to  run  IT  over  the  same  time,  our 
costs  actually  have  been  reduced.  Every  time 
a  person  is  hired  in  the  company  that  impacts 
my  costs  for  hardware,  storage,  licenses  and 
facilities.  Yet  from  an  IT  perspective,  we’ve 
been  able  to  deflect  the  costs  of  supporting  an 
increase  in  employees.  I  will  spend  $6  million 
less  next  year  on  IT  than  this  year.  I  spent  $2.5 
million  less  in  2011  over  2010.  With  the  move¬ 
ment  to  SaaS  applications,  some  of  the  dollars 
are  going  to  move  from  capital  expenses  to 
operating  expenses.  But  in  all  the  numbers  — 
both  operating  expenses  and  capital  expen 
—  there’s  been  an  overall  reduction.  That’s  the 
big  metric  that  we  follow. 

We  also  measure  the  typical  IT  metrics, 
such  as  performance,  reliability  and  the  num¬ 
ber  of  [help  desk]  incidents.  Year  to  date,  as 
of  November,  we’re  seeing  a  29%  decrease  in 
incidents.  With  desktop  virtualization,  you’re 
really  simplifying  what  you’re  doing.  You’re 
delivering  desktops  and  applications  from  the 
data  center.  You  have  one  copy  of  the  applica¬ 
tion,  one  copy  of  the  desktop,  and  you  deliver 
that  out  to  multiple  employees.  All  of  my  appli¬ 
cations  live  in  one  data  center  in  Miami,  and  I 
deliver  that  around  the  globe  to  80  offices. 

What  role  does  outsourcing 
play  in  your  IT  infrastructure 
and  how  is  that  changing? 

You  can  call  SaaS  outsourced  because  we 
don’t  do  the  development  work.  So  in  lieu 
of  paying  a  team  of  consultants  or  my  own 
development  team  to  develop  an  application, 
you’re  paying  an  operating  expense;  you’re 
paying  a  monthly  fee.  It’s  a  bit  more  consis¬ 
tent,  and  there  aren’t  big  spikes  of  capital.  We 
can  manage  more  projects  because  a  handful 
of  them  are  SaaS.  That  frees  up  my  team. 

What  types  of  talent  are  you  most 
interested  in  having  on  staff: 
deep  technical  skills  or  deep 
management  skills?  Why? 

We  have  a  complement  of  both.  We  have  busi¬ 
ness  relationship  managers  at  either  senior 


Right  now,  20%  of  your  applications 
arc  SaaS  applications.  Do  you 
expect  that  percentage  to  increase 
in  the  next  18  to  24  months? 

Sure.  We’re  going  to  continue  to  look  at  SaaS 
where  it  makes  sense,  where  it  complements 
one  of  our  premises-based  applications  or  a 
stand-alone  application.  You  caneven  integrate 
multiple  SaaS  providers  and  you  can  build  out 
the  infrastructure  that  way.  I  don’t  really  care 
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manager  or  director  level.  Those  are  the 
interface  to  all  the  functional  departments 
within  Citrix.  We  liaison  with  those  func¬ 
tional  departments  as  they  go  through  the 
capital  cycle  for  the  IT  projects  for  next  year. 
Our  business  relationship  manager  works 
closely  with  the  functional  department  head, 
starts  to  gather  information,  and  starts  to 
build  out  a  plan  for  each  department.  So  we 
have  those  business  skills.  But  we  still  need 
the  technical  skills. 

Are  you  doing  anything  new 
to  develop  the  talent  you 
have  in  your  department? 

It’s  certainly  a  challenge.  One  of  the  things 
that  Citrix  is  doing  as  a  whole  is  looking  at 
the  design  for  products  and  making  them 
more  usable.  My  development  team  has 
just  gone  through  design  school.  We  just 
revamped  our  license  management  system 
using  those  design  school  principles.  We’re 
taking  a  step  back  and  not  just  doing  an 
upgrade  to  add  features,  but  to  make  it  sim¬ 
pler,  easier  and  more  intuitive  for  the  user. 
It’s  a  different  skill  set. 

How  are  you  handling  the 
maintenance  and  operations  of  IT 
systems,  networks  and  data  centers? 

The  maintenance  remains  very,  very  simi¬ 
lar  to  what  it  was  in  the  past.  Part  of  our 
criteria  is  to  be  able  to  monitor  SaaS  applica¬ 
tions.  We  have  an  operations  center  in  Fort 
Lauderdale  and  in  Bangalore  to  get  24-by-7 
monitoring.  The  maintenance  on  SaaS  appli¬ 
cations  is  done  by  the  providers.  Salesforce 
does  three  or  four  updates  a  year  that  are 
not  disruptive  to  me.  My  team  can  focus  on 
the  premises-based  applications.  We  keep 
our  applications  current.  Tech  currency  is 
very  important  to  me.  It  allows  us  to  lever¬ 
age  the  newest,  latest,  greatest  applications. 
Our  team  focuses  on  the  premises-based 
applications.  We  keep  them  no  further  than 
two  versions  behind.  That  includes  SAP, 
Siebel,  Oracle  and  my  Microsoft  stack.  My 
SaaS  is  kept  current  by  my  providers.  Then 
the  integration  team  has  a  good  platform  to 
work  with  the  newest  and  latest  technology 
around  my  service-oriented  architecture.  I 
want  my  applications  to  provide  or  consume 
a  service  from  one  another. 

Our  data  centers  are  colo  facilities.  In 
Miami,  we  run  Citrix  out  of  a  1,600-square- 
foot  cage  at  a  Terremark  data 
center.  Our  data  center  team 
accesses  all  of  that  remotely. 

We  maintain  all  of  those  appli¬ 
cations,  and  we  maintain  that 
hardware.  We’ve  been  in  the 
same  size  data  center  for  six 
years,  even  though  the  company 


has  grown  200%.  That’s  another  impor¬ 
tant  metric.  With  the  data  center,  your  real 
expense  is  not  hardware;  it’s  power,  cooling 
and  space  inside  the  data  center.  We’ve  been 
able  to  hold  that  expense. 

We  have  a  global  MPLS  network.  We 
migrated  to  that  about  three  years  ago.  That’s 
been  great  for  us.  We  moved  to  one  provider, 
and  they  are  doing  a  very  good  job  with  it.  If 
I  have  a  big  video  broadcast  out  of  our  Pacific 
office,  I  can  allocate  the  bandwidth  for  that. 
Our  network  capacity  hasn’t  really  changed 
too  much.  A  lot  of  the  SaaS  applications  are 
coming  over  the  public  Internet.  We  haven’t 
had  to  change  the  size  or  shape  of  our  network 
unless  we  add  a  location.  We’re  relying  on  the 
service  provider  to  do  that.  Not  having  a  data 
center  in  our  building,  we  take  our  network 
proyider’s  equipment  and  terminate  it  in  the 
colo  data  center.  We  can’t  be  more  reliable  or 
secure  than  that. 


We’ve  been  in  the 
same  size  data 
center  for  six  years, 

even  though  the  com¬ 
pany  has  grown  200%. 


We’re  taking  out  a  lot  of  our  network  infra¬ 
structure  in  the  buildings  and  going  wireless. 
In  Fort  Lauderdale,  the  application  delivery 
team  has  150  people  who  are  pure  wireless. 
We’re  also  moving  toward  open  seating, 
where  nobody  has  assigned  seating.  One  of 
our  buildings  is  all  wireless,  all  soft  phones. 
Downstairs  is  a  project  room  with  writable 
walls  and  writable  desktops.  It’s  a  real  collab¬ 
orative  environment.  People  can  flow  from 
one  place  to  another,  and  they  don’t  have  to 
worry  about  the  wiring  in  the  walls.  It’s  very, 
very  flexible. 

How  are  you  and  your  department 
helping  Citrix  increase  speed 
to  market  or  drive  revenue? 

There  are  a  few  subtle  things  we  do.  I  spend 
20%  of  my  time  talking  with  customers.  They 
want  to  talk  to  me  about  how  I  am  doing  things 
[like  desktop  virtualization.] 
The  sales  and  marketing  orga¬ 
nization  is  constantly  pinging 
me  about  giving  talks  about 
how  I  support  6,800  employees 
around  the  globe  with  Citrix 
products.  We  keep  the  technol¬ 
ogy  in  the  hands  of  the  sales 
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team.  They  were  the  first  ones  to  have  virtual 
desktops.  They  are  on  the  most  current  ver¬ 
sion  of  the  Windows  operating  system  and  the 
most  current  version  of  our  applications.  We 
even  have  the  beta  version  of  our  applications 
delivered  to  them. 

How  will  your  adoption  of 
cloud  computing  evolve  over 
the  next  18  months? 

We’re  going  to  see  more  of  the  follow-me  data. 
That’s  one  of  the  things  we  really  want  to 
achieve.  Your  apps  can  follow  you  anywhere. 
Your  desktop  can  follow  you  anywhere,  and 
now  your  data  can  follow  you  anywhere.  We’re 
achieving  this  through  the  recent  acquisition 
of  ShareFile.  We  need  to  do  some  work  with 
ShareFile;  we  need  to  ensure  the  security  of  it. 
We  need  to  provide  the  SSL  VPN  capability. 
It’s  more  of  rounding  out  that  offering.  So  I’ll 
be  able  to  take  my  iPad  and  travel  wherever  I 
want  and  bring  up  my  XenDesktop,  bring  my 
data  with  me  and  be  productive  while  travel¬ 
ing.  It’s  kind  of  like  a  personal  cloud. 

You’ve  seen  IT  cost  reductions 
over  the  past  few  years  despite  an 
increase  in  employees.  How  will  you 
handle  that  dynamic  in  the  future? 

Citrix  is  going  to  continue  to  grow  as  it  has 
in  the  past.  If  Citrix  wants  to  grow  another 
1,400  employees,  and  I  can  keep  my  costs 
flat,  then  we  are  doing  a  great  job.  We’ve  done 
a  lot  of  acquisitions  recently,  so  day  one  is  a 
big  day  for  us  because  we  have  to  have  all  of 
the  people  on-boarded.  We  provide  a  virtual 
desktop  on  day  one,  with  all  the  HR  appli¬ 
cations  and  email  set  up  ahead  of  time.  So 
when  we  do  mergers  and  acquisitions,  my 
team  goes  out  there  and  has  responsibility 
for  getting  them  operational.  I  don’t  care 
what  device  they  have:  laptop  or  tablet.  I’m 
just  going  to  provide  them  with  a  virtual 
desktop,  and  they  can  be  up  and  running  on 
day  one.  That’s  part  of  our  speed-to-market. 
All  of  our  employees  are  on  Windows  7  or 
Windows  8.  We  want  to  move  forward  with 
more  of  an  open-seating  and  work-any  where 
style  environment.  More  departments  are 
interested  in  that. 

What  are  your  plans  regarding  IPv6? 

It’ll  be  an  ongoing  project.  I’m  not  real  con¬ 
cerned  about  it.  IPv4  will  be  here  for  the  next 
20  years.  As  newer  technologies  come  out, 
they  will  be  IPv6.  It’s  just  part  of  our  natural 
growth  and  changing  technology  of  the  Inter¬ 
net.  All  of  our  commercial  sites  —  citrix.com, 
mycitrix.com  —  are  IPv6  compatible.  We’ll 
step  through  upgrading  the  rest  of  the  infra¬ 
structure  to  IPv6.  I’m  not  in  a  great  big  rush 
to  do  it.  I  don’t  see  a  lot  of  risks.  But  certainly, 
IPv6  is  in  our  2012  plan.  ■ 
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CORPORATE  DEVELOPMENT, 
INFOBLOX,  INC. 

Steve  Nye  is  the  Executive 
Vice  President  of  Product 
Strategy  and  Corporate  Devel¬ 
opment  for  infoblox,  Inc.  He 
is  responsible  for  formulating 
the  Company's  longer-term 
strategy  for  portfolio  and 
market  expansion.  Within  his 
organization  he  directs  ail 
product  management,  market¬ 
ing  and  business  develop¬ 
ment  activities.  He  oversees 
corporate  development,  which 
includes  strategic  alliances, 
both  technical  and  marketing, 
as  well  as  M&A  activity. 


FOR  MORE  INFORMATION 

on  managing  your  company's 
virtualization,  mobility  and  IPv6 
challenges,  check  out  our  Tech 
Dossier  "A  Better  Way  to 
Run  Your  Network:  Dynamic 
Network  Services"  at 
www.networkworld.com/'mfoblox 
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Maximizing  Your  IT  Resources 

Network  Service  Automation  Rightsizes  IT  Staff 
and  Delivers  “Time  to  Value” 


\ 


What  is  the  biggest  challenge  you  see 
driving  IT  departments  these  days? 

Our  customers  and  business  partners  say 
complexity  is  on  the  rise,  which  is  putting 
more  demands  on  IT  to  respond  faster  to  busi¬ 
ness  changes.  However,  because  their  budgets 
and  staff  are  constrained,  most  companies 
cannot  move  quickly.  They  need  help  with 
scaling  in  an  environment  in  which  technol¬ 
ogy  is  moving  faster  than  IT  talent.  We  think 
new  solutions  that  help  manage  the  growing 
chaos  surrounding  IP  initiatives  will  help  in¬ 
crease  network  availability  by  reducing  errors 
or  delays  in  rolling  out  new  services. 

What  is  the  impact  of  virtualization 
on  network  staff? 

Virtualization  breaks  the  traditional  “one 
server,  one  application’’  architecture,  and 
that  creates  new  management  challenges.  For 
example,  troubleshooting  and  seeing  which 
virtual  machine  is  connected  to  which  port 
have  become  more  difficult.  Businesses  need 
new  discovery  and  visualization  tools  that  au¬ 
tomatically  collect  configuration  information 
and  automate  repetitive  and  high-response- 
rate  chores  such  as  assigning  IP  addresses 
and  server  names  in  a  virtual  environment. 
The  task  of  issuing  IP  addresses  and  names 
for  virtual  machines  should  happen  just  as 
fast  as  a  virtual  machine  can  be  provisioned. 
The  network  team  in  a  virtualized  environ¬ 
ment  must  be  as  dynamic  as  the  server  team’s 
ability  to  provision  new  systems.  This  type 
of  automation  is  a  critical  part  of  any  private 
cloud  strategy. 

How  does  the  influx  of  new  mobile  con¬ 
sumer  devices  correlate  with  the  need  for 
more  network  automation? 

IT  managers  are  often  not  informed  when  new 
mobile  devices  come  into  the  company.  Em¬ 
ployees  bring  them  to  work,  or  business  units 
buy  new  systems  because  they  do  not  want  to 
wait  for  funds  to  be  allocated  to  fulfill  a  critical 
business  need.  The  IT  department  needs  to 
know  what  is  being  attached  to  the  enterprise 


network,  because  the  impact  of  these  devices 
can  be  significant.  This  shift  to  a  more  mobile 
and  dynamic  computing  environment  puts 
a  strain  on  mission-critical  network  services 
such  as  Domain  Name  Service  (DNS).  As  a 
result,  IT  needs  simple-to-use,  intuitive  tools 
that  monitor  network  activity  while  proactive¬ 
ly  managing  and  securing  connections  from  a 
single  central  console. 

How  does  the  movement  to  IPv6  affect 
network  staff? 

The  migration  has  already  begun.  T-Mobile 
is  delivering  IPv6  support  in  its  phones,  and 
these  new  IPv6  devices  still  need  to  connect  to 
IPv4  networks.  In  the  past,  address  manage¬ 
ment  was  done  on  spreadsheets,  but  128-bit- 
IPv6  addressing  brings  an  entire  new  set  of 
challenges.  When  you  add  virtualization  and 
cloud  to  this  challenge,  managing  IP  addresses 
with  just  a  spreadsheet  becomes  impossible.  IT 
teams  will  need  automated  network  services. 

Where  should  a  company  start  and  how 
can  you  gauge  success? 

Automation  is  a  new  “big  idea.”  To  some, 
it  means  ripping  and  replacing— or  mak¬ 
ing  significant  investments  in  professional 
services  and/or  integration  work.  At  Infoblox, 
we  strive  to  make  automation  compelling  by 
demonstrating  that  we  can  make  adoption 
simple.  By  using  automation,  companies  can 
reduce  a  40-step  process  to  a  few  clicks  of  a 
mouse.  As  a  result,  companies  can  make  huge 
productivity  gains  and  save  money— many  of 
our  customers  see  an  immediate  increase  in 
network  availability  and  savings  of  millions  of 
dollars  annually  by  embracing  automation. 

Once  companies  see  such  results,  they  can 
expand  their  use  of  these  tools  and  dramati¬ 
cally  increase  IT  staff  productivity.  Infoblox’s 
heritage  is  in  automating  network  services 
such  as  DNS  and  IP  address  management.  We 
anticipate  that  both  automation  and  next-gen¬ 
eration  network  services  will  be  key  elements 
powering  the  next  10  years  of  IT. 
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TOOLS 

Cracking  MD5 ...  with  Google?! 


ere’s  a  piece  of  news  that  will 
worry  anyone  interested  in  secu¬ 
rity  (which  should  be  pretty  much 
everyone  who  reads  Network  World): 
A  programmer  by  the  name  of  Juuso 
Salonen  has  created  a  Ruby  script 
called  BozoCrack  that  cracks  MD5 
hashed  passwords  with  remarkable  success  and 
with  very  little  effort. 


Mark  Gibbs’  Gearhead 


Before  we  go  any  further,  let’s  have  a  little 
background:  Computer  systems  need  a 
mechanism  to  authenticate  users  and  pro¬ 
cesses  so  that  the  good  guys  can  get  in  to  do 
work  and  the  bad  guys  are  locked  out. 

The  most  common  authentication 
method  is  to  use  a  name  and  a 
password,  but  if  you  were  to  store 
the  password  in  plaintext  on  the 
system  you  would  run  the  risk 
that  passwords  could  be  exposed. 

A  common  solution  is  to  not  store 
the  password  at  all  but  instead 
keep  something  called  an  MD5 
hash  of  the  password. 

MD5  is  the  fifth  version  of  the 
Message-Digest  cryptographic 
hash  “function”  created  by  the 
renowned  computer  scientist  Ron 
Rivest.  An  algorithm  implement¬ 
ing  MD5  takes  in  strings  and  out¬ 
puts  128-bit  hash  values  that  have 
several  interesting  attributes. 

Those  attributes:  Any  input 
string  can  be  hashed  (the  string 
can  be  of  arbitrary  length  and 
character  set)  in  a  reasonable 
amount  of  time  and  it  is  computationally 
impossible  in  practical  terms  (unless  you 
have  years  and  access  to  a  supercomputer) 
to  generate  a  string  with  a  specific  hash 
value,  make  a  change  in  a  string  without 


changing  the  hash  value,  and  find  two  dif¬ 
ferent  strings  with  the  same  hash  value. 

So,  if  you  take  a  string  such  as  “mysecret- 
password”  and  run  it  through  an  MD5 
implementation  you  get  the  hash  value 
“4cab2a2db6a3c31b01d804def28276e6.” 


Change  a  single  character  and  the 
hash  value  will  also  change  and  do  so 
unpredictably. 

With  128  bits  you  have  3.4  x  10A38,  or 
around  340  undecillion  possible  hash 


values.  As  the  relationship  of  input  string  to 
hash  value  and  vice  versa  isn’t  predictable, 
you  have  what  is  called  a  “one  way”  func¬ 
tion;  you  can  go  from  string  to  hash  value 
but  not  from  hash  value  to  string. 

In  practice,  when  a  user  logs  in  to  a 
computer,  the  password’s  MD5  hash  value 
is  calculated  on  the  fly,  the  account  name 
looked  up  in  a  database,  and  the  saved  and 
calculated  hash  values  compared.  Only  if 
the  values  match  is  the  user  allowed  access. 

The  problem  with  the  MDS  function  is  that 
it  has  been  shown  to  be  “breakable”  through 
several  types  of  sophisticated  attacks.  But  as 
these  attacks  are  technically  very  complicated 
to  perform,  MD5  hashes  are  still  widely  used. 

Alas,  the  BozoCrack  algorithm  adds  a 
whole  new  dimension  of  vulnerability  to 
MD5,  as  Salonen  commented: 
“BozoCrack  is  a  depressingly 
effective  MDS  password  hash 
cracker  with  almost  zero  CPU/ 
GPU  load.” 

How  does  BozoCrack  do  its  voo¬ 
doo?  The  author  explains:  “Instead 
of  rainbow  tables,  dictionaries, 
or  brute  force,  BozoCrack  simply 
finds  the  plaintext  password.  Spe¬ 
cifically,  it  googles  the  MD5  hash 
and  hopes  the  plaintext  appears 
somewhere  on  the  first  page  of 
results.  It  works  way  better  than  it 
ever  should.” 

Why  did  he  create  it?  “To  show 
just  how  bad  an  idea  it  is  to  use  plain 
MDS  as  a  password  hashing  mecha¬ 
nism.  Honestly,  if  the  passwords  can 
be  cracked  with  this  software,  there 
are  no  excuses.” 

Thus,  once  again,  does  the  power  of 
Google  make  fools  of  us  all.  ■ 

Gibbs  is  secure  in  Ventura,  Calif.  Settle  your 
hash  at  gearhead@gibbs.com. 


Honestly,  if  the  passwords  can 
be  cracked  with  this  software, 

there  are  no  excuses. 


Using  Google  to  crack  passwords. 

f T~ . ' i 

^Crack  that  hash  babyQ  £  Generate  MD5  Hash  ) 
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GADGETS 

Two  Android  tablets, 
different  goals 


Keith  Shaw’s 


Xoom  4G 
LTE  tablet 


►  Why  it's  cool:  The  device  is  lighter  than  a  larger  tablet,  although  it’s 
still  not  as  light  as  a  smartphone  that  you  can  fit  in  your  pocket.  Using 
this  in  the  living  room,  though,  was  a  good  fit,  for  controlling  the  TV  or 
playing  a  quick  game  of  Angry  Birds.  The  size  compares  to  e-readers 
like  the  Amazon  Kindle  or  Barnes  &  Noble  Nook,  making  this  a  good 
tablet  for  book  reading.  The  Samsung  Social  Hub  app  worked  well  at 
combining  social  feeds  from  Facebook,  Twitter,  Linkedln  and  even 
email  into  one  overall  view,  plus  I  could  post  an  update  on  one  service 
and  have  the  app  update  the  other  social  sites. 


►  Some  caveats:  Users  who  like  larger 
tablets  such  as  the  iPad  or  even  the  10.1-inch 
Galaxy  Tab  may  not  like  the  smaller  size  of 
this  display  —  surfing  websites,  for  examples, 
likely  requires  zooming  in  more  than  with  a 
larger-screen  tablet.  Also,  the  unit  we  tested 
was  Wi-Fi  only,  which  limits  the  locations 
where  you  can  use  the  device. 


►  Grade  ★★★★  (out  of  five). 


for 

extra  memory 
(up  to  32GB),  1,024 
by  600  WSVGA  resolution 
display,  Bluetooth  3.0, 720p  video  camera  Xoom’s  tablet  is  more 

recording  (back  camera  is  3  megapixel  with  useful  to  those  in  4G 
auto-focus  and  LED  flash),  2  megapixel  front  LTE  coverage  areas, 

camera  for  webcam  chatting  and  a  video 
player  with  1080p  support. 

On  the  software  side,  the  tablet  supports  Google  Mobile  Services 
(Google  Talk,  Gmail,  Calendar,  YouTube,  Google  Maps,  Latitude, 
Places  and  Google  Maps  Navigation),  and  the  Samsung  Hubs  offer¬ 
ings  (Social  Hub,  Music  Hub  and  Readers  Hub).  The  unit  also  comes 
bundled  with  the  Peel  Smart  Remote  application,  a  great  interactive 
TV  guide,  as  well  as  built-in  IR  that  lets  you  use  the  tablet  as  a  univer¬ 
sal  remote  control  for  your  home  entertainment  system. 


Shaw  can  be  reached  at  kshaw@nww.com. 
Follow  him  on  Twitter:  @shawkeith. 


by  Motorola  and  Veri¬ 
zon  Wireless,  about  $300 
(with  two-year  contract) 


►  What  it  is:  The  10.1-inch  display  tablet  from  Motor¬ 
ola  recently  got  a  4G  LTE  upgrade  from  Verizon  Wireless, 
providing  it  with  faster  network  data  speeds  than  before.  The  device 
runs  on  a  dual-core  1GHz  processor,  uses  Android  3.2  (Honey¬ 
comb)  OS  and  features  a  2  megapixel  front  camera  webcam  and  a  S 
megapixel  rear  camera  for  photos  and  videos  (up  to  720p  record¬ 
ing  resolution  and  playback).  The  tablet  features  32GB  of  internal 
memory  storage,  with  microSD  card  support  (sold  separately)  for 
up  to  another  32GB. 


►  Why  it’s  cool:  Certainly,  the  4G  LTE  network  gives  you  faster 
data  downloads  and  uploads  than  previously  —  in  my  tests  I  aver¬ 
aged  16.12Mbps  of  download  speed,  and  5.59Mbps  of  upload  speed. 
For  travelers  where  4G  LTE  coverage  is  located,  this  can  provide  for 
great  productivity  in  getting  files  and  accessing  websites  quickly. 
The  larger  screen  makes  it  appealing  to  users  who  want  more 
real  estate  for  Web  browsing  and  app  usage  (although  I  prefer  the 
smaller  ones  for  e-books).  Along  with  the  iPad  and  Galaxy  Tab  10.1, 
the  Xoom  4G  LTE  should  be  on  your  short  list  of  tablet  choices. 


►  Some  caveats:  May  be  less  useful  for  users  not  in  4G  LTE 
coverage  areas.  Data  costs  for  4G  LTE  access  may  also  turn  some 


users  away. 


►  Grade  ★★★★-*  (out  of  five) 


Galaxy  Tab  7.0  Plus 

by  Samsung,  about  $400 


►  What  it  is:  This  is  an  upgrade 
to  the  original  7-inch  Galaxy  Tab  Android 
tablet  from  Samsung,  with  features  such  as 
a  1.2GHz  dual-core  processor,  Android  3.2 
Honeycomb  OS  and  support  for  HSPA+ 
wide-area  networks 
(although  the  unit  we 
received  was  a  Wi-Fi 
only  model).  Other  hard¬ 
ware  features  include 
1GB  of  RAM,  16G  or 
32GB  of  on-device  storage  (depending 
on  model),  support  for  microSD  card 


The  Galaxy  Tab 
7.0  Plus  is 
than  a  larger 
tablet. 


THE 

SCO 
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I  I  you  think  cloud  computing  is  a  disruptive  force  within  the  enterprise, 
just  imagine  what  the  cloud  is  doing  to  the  vendor  landscape.  The  sheer  num¬ 
ber  of  cloud  players  —  or  companies  that  claim  to  be  cloud  players  —  is  stag¬ 
gering.  By  some  estimates  there  are  more  than  2,000  software-as-a-service 
(SaaS)  companies  alone.  At  this  early  point  in  the  cloud  revolution,  there  are 
certainly  front-runners,  but  the  field  is  wide  open. 


For  example,  the  marquee  SaaS  player,  Sales- 
force.eom,  owned  a  paltry  8.7%  of  the  total  SaaS 
market,  according  to  a  2010  IDC  report  that 
tracked  84  vendors.  Other  big  names  —  Intuit, 
Cisco,  Microsoft,  Google  and  Symantec  —  were 
below  5%  each.  That  leaves  scores  of  other  com¬ 
petitors  with  tiny  market  shares  today,  and  no 
place  to  go  but  up. 

Infrastructure  as  a  service  (IaaS)  has  more 
30  major  players,  both  pure-play  outfits 
pay-as-you-go,  on-demand  com- 
and  those  rising  into  the  cloud 
the  traditional  managed  services  realm. 
Forrester  Research  is  watching  at  least  40 
platform-as-a-service  (PaaS)  providers  that  say 


they  can  help  developers  build  cloud  apps. 

To  further  muddy  the  waters,  many  vendors 
are  extending  their  cloud  offerings  across  the 
neat  SaaS,  PaaS  and  IaaS  boundaries. 

“It’s  true  that  most  of  the  disruption  caused 
by  cloud  computing  relates  to  enterprise  [opera¬ 
tions]  and  IT.  But  it’s  also  been  pretty  disruptive 
to  the  vendor  community  as  well,”  says  David 
Mitchell  Smith,  vice  president  at  Gartner. 

Smith  believes  that  a  tremendous  shakeout 
will  occur  over  the  next  year  or  two.  He  predicts 
that  by  2013  a  small  handful  of  vendors  will 
emerge  as  leaders  delivering  both  enterprise 
systems  and  cloud  services. 

The  two  names  on  Smith’s  short  list  are 
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Microsoft  and  VMware. 

Smith  argues  that  Microsoft  made  a  seis¬ 
mic  shift  to  a  SaaS  delivery  model  in  2008 
and  has  since  delivered  Microsoft  Office365, 
SharePoint  Online  and  Microsoft  Dynamics 
CRM  Online.  In  the  PaaS  arena,  Microsoft 
is  pushing  its  Azure  platform  of  AppFab- 
ric,  SQL  Azure  and  Windows  Azure.  And, 
Microsoft  is  making 
headway  in  pushing 
Azure  down  into  the 
IaaS  space  as  well. 

VMware’s  vSphere 
hypervisor  and  man¬ 
agement  software  has 
long  provided  trusted 
virtualization  capabil¬ 
ities  in  the  enterprise. 

VMware  is  also  mak¬ 
ing  a  strong  IaaS  play 
by  building  a  network 
of  vendors  that  use 
vCloud  to  deliver  cloud 
compute  services. 

And  VMware  has 
various  PaaS  irons  in 
the  fire.  There’s  its  own 
vFabric  PaaS  plat¬ 
form.  Plus,  the  com¬ 
pany  launched  CloudFoundry,  an  open  PaaS 
platform  housed  at  www.CloudFoundry.org, 
where  developers  can  contribute  to  collabora¬ 
tive  open  source  projects.  And  there’s  a  hosted 
PaaS  platform  operated  by  VMware  at  www. 
CloudFoundry.com. 

“There  are  no  guarantees  in  a  market  this 
size,  but  we  see  [Microsoft  and  VMware] 
as  the  companies  in  the  best  position  now,” 
Smith  says. 

The  SaaS  landscape 

SaaS  is  the  most  mature  cloud  layer  and, 
in  fact,  existed  well  before  the  term  “cloud 
computing”  gained  prevalence,  says  Robert 
Mahowald,  research  vice  president  of  SaaS 
and  cloud  services  at  IDC. 

Mahowald  makes  these  two  observations 
about  the  state  of  SaaS  today:  Most  enter¬ 
prises  are  looking  to  SaaS  for  “net  new”  appli¬ 
cations,  not  as  a  replacement  for  existing 
apps.  And  many  software  vendors  are  devel¬ 
oping  their  products  to  be  consumed  via  the 
cloud  first,  and  for  on-premise  consumption 
secondarily,  if  at  all. 

IDC  says  the  2010  SaaS  market  rang  in  at 
$16.6  billion,  a  figure  that  represents  three- 
quarters  of  all  IT-based  public  cloud  revenue. 
IDC  predicts  that  by  2015,  worldwide  SaaS  rev¬ 
enues  will  skyrocket  to  $53.6  billion  annually. 

“The  SaaS  market  has  solidified  because  it 


just  makes  financial  sense  for  both  the  pro¬ 
vider  and  the  consumer.  That  combination 
always  drives  adoptions,”  says  Robert  K. 
West,  founder  and  CEO  of  Echelon  One,  an  IT 
security  and  risk  management  consultancy. 

Vendors  with  an  edge  today  tend  to  be  those 
that  developed  their  products  to  run  natively 
in  the  cloud.  They  were  built  to  take  advantage 
of  the  cloud’s  elastic 
nature,  to  be  sold  on 
a  usage-based  model, 
have  multi-tenancy 
as  a  basic  tenet  so  that 
security  is  constructed 
accordingly,  and  have 
worldwide  reach  and 
a  resilient  infrastruc¬ 
ture  underneath  the 
covers. 

Companies  held 
in  high  regard  for 
their  SaaS  offerings 
include  Salesforce. 
com  (CRM),  Work¬ 
day  (HR  and  financial 
management),  Google 
(desktop  productiv¬ 
ity),  Concur  Tech¬ 
nologies  (travel  and 
expense  management)  and  NetSuite  (ERP). 

That’s  not  to  say  that  the  traditional  enter¬ 
prise  software  giants  such  as  SAP  and  Oracle 
are  out  of  the  race  (Oracle  does  lead  in  one  cloud 
category,  SaaS-based  business  analytics).  But 
they  are  playing  a  bit  of  catch-up.  Some  of  the 
tension  between  those  two  camps  came  to  the 
fore  in  the  recent  dustup  between  Salesforce’s 
Marc  Benioff  and  Oracle’s  Larry  Ellison. 

“The  SAPs  and  Oracles  of  the  world  are 
trying  to  adapt  their  existing  software  to  the 
cloud,  which  is  extremely  difficult  and  time- 
consuming,”  says  Joe  Coyle,  CTO  of  Capgem- 
ini  North  America,  a  consulting  and  outsourc¬ 
ing  firm  that  helps  enterprises  deploy  cloud 
services.  He  argues  that  the  process  of  putting 
these  applications  in  the  cloud  is  not  difficult, 
but  getting  them  to  take  advantage  of  the  elas¬ 
tic  nature  of  the  cloud  is. 

“Getting  an  SAP  application  to  know  there  is 
more  compute  power  available  when  it  needs 
it,  is  the  challenge,”  Coyle  says.  Until  those 
applications  are  reworked  to  understand  what 
is  dynamically  available  to  them,  they  will  lag 
behind  the  SaaS  leaders,  Coyle  says. 

Paul  Turner,  senior  product  manager  at 
NetSuite,  which  has  10,000  customers  using 
its  SaaS-delivered  ERP  software,  says  there 
are  several  telltale  signs  of  a  “false  cloud” 
application.  Turner  says  a  native  cloud  appli¬ 
cation  is  completely  Web-based. 


Second,  the  service  must  offer  a  customiza¬ 
tion  layer  that  allows  enterprise  IT  to  make 
the  tweaks  to  suit  its  needs,  and  those  changes 
must  migrate  seamlessly  with  each  upgrade  to 
the  service.  And  finally,  Turner  argues  there 
must  be  a  high  level  of  transparency  about  any 
downtime  and  security  issues. 

SaaS  begets  PaaS 

Many  of  the  leading  SaaS  players  —  Sales- 
force.com,  Google,  NetSuite  and  Workday  — 
are  trying  to  solidify  their  positions  within 
their  market  segments  by  developing  PaaS 
environments  for  third-party  ISVs. 

For  example,  Salesforce  launched  Force, 
com,  a  PaaS  offering  built  to  support  its  SaaS 
service:  then  bought  Heroku  in  order  to  pro¬ 
vide  a  more  open  PaaS  service.  The  company 
claims  200,000  apps  built  on  the  Force.com 
platform. 

“We’re  adding  developers  daily,”  says  Byron 
Sebastian,  executive  vice  president  of  platforms 
at  Salesforce.  The  hot  area  is  mobile  applica¬ 
tions  running  in  the  public  cloud,  he  says. 

The  hurdle  Sebastian  encounters  when 
pushing  PaaS  into  the  enterprise  is  inertia. 
“We  get  a  lot  of  pushback  from  folks  who  are 
just  used  to  doing  business  the  old  way,”  Sebas¬ 
tian  says. 

A  second  segment  of  the  PaaS  market  com¬ 
prises  general  purpose  development  plat¬ 
forms  that  support  multiple  languages  and 
cloud  infrastructures,  says  Krishnan  Subra- 
manian,  an  independent  industry  analyst  and 
blogger  at  www.cloudave.com. 

Microsoft’s  Azure  and  Google’s  App  Engine 
are  leaders  in  this  category,  Subramanian 
says.  The  hot  startups  are  CloudBees  and 
Engine  Yard,  he  adds. 

And  Subramanian  believes  VMware’s 
CloudFoundry  shouldn’t  be  counted  out, 
as  the  field  shakes  out  over  the  next  18  to  24 
months,  because  it  espouses  the  open  source 
approach  popular  with  the  developer  set  and 
cash-strapped  startup  software  companies. 

But  it’s  still  very  early  in  the  game. 

Forrester  analysts  John  Rymer  and  Stefan 
Rein  describe  the  PaaS  market  as  sprawling, 
fast-changing  and  very  immature.  There’s 
little  agreement  on  what  comprises  a  PaaS  in 
the  first  place,  most  PaaS  vendors  are  small, 
some  of  the  bigger  ones  have  relatively  imma¬ 
ture  products,  and  other  major  vendors  like 
IBM,  RedHat  and  Oracle  have  only  recently 
entered  the  market. 

Forrester  divides  the  PaaS  world  into  four 
categories,  with  some  vendors  competing  in 
multiple  segments. 

In  the  largest  group,  software  developers 
are  allowed  to  use  their  current  tools  of  choice 
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When  it  comes  to  the  public  cloud, 
don’t  just  ask  questions. 

Ask  The  10  Big  Questions. 


VMware  vCloud  Datacenter  Service  /  4 ; 

Looking  for  a  public  cloud  services  provider?  VMware  VCloud  Datacenter  Service  delivers  globally  consistent 
enterprise-class  cloud  computing  infrastructure  services  for  your  cloud.  Offered  by  VMware-certified  service 
providers,  our  solution  delivers  the  business  agility  and  cost  effectiveness  of  public  clouds  without  compromising 
on  the  portability,  compatibility  and  security  demanded  by  enterprise  IT  organizations. 

Finding  the  right  service  provider  for  your  cloud  begins  with. asking  The  10  Big  Questions.  . 

Start  asking  at  vmware.com/go/the10bigquestions 


locally  and  then  push  code  out  to  the  cloud. 
Playing  are  ActiveState,  Appian,  Force.com, 
Google,  Longjump,  Magic  Software,  Micro¬ 
soft,  NetSuite,  OutSystems,  Servoy,  Tibco, 
Vaakya,  VMware,  WaveMaker  and  WS02. 

Then  there  are  environments  where  every¬ 
thing  happens  in  the  cloud.  The  players  here 
are  Appian,  Cordys,  Force.com,  Intuit,  Track- 
Via  and  Wolf  Frameworks. 

Some  companies  target  business  experts, 
not  “coders.”  Caspio,  Cordys,  IS  Tools,  Mendix, 
OrangeScape,  WorkXpress  and  Zoho  provide 
tools  for  creating  applications  without  coding 
in  order  to  speed  up  app  delivery  times. 

The  last  category  allows  developers  to  use 
whatever  tool  they  want  to  build  their  cloud 
applications  and  the  platform  tackles  the 
deployment,  scaling  and  management  of  these 
apps  in  the  cloud  data  center.  The  players  here 
are  Amazon,  Appistry,  Apprenda,  CloudBees, 
Cloudsoft,  Engine  Yard,  GigaSpaces,  Heroku, 
IBM,  Joyent,  Microsoft,  Red  Hat,  Standing 
Cloud,  Techcello  and  VMware. 

Rymer  notes  that  enterprise  IT  should  act 
cautiously  when  it  comes  to  PaaS  because 
“startups  are  risky  and  big  vendors  move 
slowly  and  may  use  their  PaaS  offerings  simply 
as  calling  cards  to  sell  their  current  products.” 

Rymer  says  the  two  companies  likely  to 
enjoy  long-term  success  in  the  PaaS  market 
are  Microsoft  and  Salesforce.  “Every  other 
vendor  is  a  long-term  risk,”  he  adds. 

If  enterprise  software  developers  do  want 
to  push  forward,  Rymer  offers  these  tips.  Find 
out  how  well  the  vendor  supports  the  “ilities”: 
security,  scalability,  availability,  reliability 
and  serviceability.  Next,  determine  how  each 
PaaS  service  jibes  with  the  enterprise’s  exist¬ 
ing  application  development  talent.  Finally, 
nail  down  what  benefits  PaaS  is  likely  to  pro¬ 
vide.  “Cutting  costs  is  a  hard  one  to  obtain. 
Time  to  market  is  relatively  easy  to  obtain,” 
Rymer  says. 

IaaS  free-for-all 

laaS  is  currently  the  smallest  market  of  the 
three  major  cloud  categories,  but  is  expected 
to  have  the  fastest  growth  rate  over  the  next 
three  to  five  years.  Gartner  says  last  year’s 
total  of  just  over  $2  billion  will  grow  by  that 
much  for  each  of  the  next  four  years. 

The  800-pound  gorilla  is  Amazon.  Competi¬ 
tors  see  EC2  both  as  an  ingenious  use  of  surplus 
compu  te  power  and  a  n  emesis  to  be  defeated  by 
the  marketing  mantra  that  says  a  mass-market 
retailer  simply  cannot  cater  to  the  complicated 
needs  of  enterprise  customers. 

But  this  market  is  evolving  to  be  more  com¬ 
plicated  than  simply  Amazon  versus  the  rest 
of  the  IaaS  world,  says  Lydia  Leong,  research 


vice  president  at  Gartner. 

“If  your  differentiation  is,  ‘we’re  not  like 
Amazon,  we’re  enterprise-class!’,  you’re  now 
competing  against  dozens  of  other  provid¬ 
ers  who  also  thought  that  would  be  a  clever 
market  differentiation.  Not  to  mention  that 
Amazon  already  serves  the  enterprise,  and 
wants  to  deepen  its  inroads,”  Leong  wrote  in 
a  recent  blog  post. 

Leong  is  Gartner’s  go-to  author  when  it 
comes  to  analyzing  the  IaaS  market.  Her 
report  in  December  2010  on  the  cloud  IaaS 
and  Web  hosting  provider  market  identi¬ 
fied  AT&T,  Rackspace,  Savvis  (purchased 
by  CenturyLink),  Terremark  (purchased  by 
Verizon)  and  Verizon  as  the  market  leaders. 
Visionaries  were  Ama¬ 
zon,  CSC,  GoGrid,  IBM 
and  Joyent. 

A  new  report  ana¬ 
lyzes  a  subcategory  of 
IaaS  vendors  that  offer 
automated,  multi-ten- 
ant  services  for  scale- 
out  cloud  hosting,  vir¬ 
tual  lab  environments,  self-managed  virtual 
data  centers  and  turnkey  virtual  data  center 
services.  Rackspace,  AT&T,  Savvis,  Terre¬ 
mark,  Verizon  (with  its  home-grown  Com¬ 
puting  as  a  Service)  and  OpSource  are  the  big 
names  in  this  market. 

“The  separation  [of  these  segments]  is 
grounded  in  the  fact  that  some  vendors  provide 
very  good  infrastructures  without  any  services 
and  others  get  the  managed  services  right,  but 
don’t  have  very  good  clouds,”  Leong  says. 

The  traditional,  old-school  telecom  car¬ 
riers  are  sometimes  seen  as  dinosaurs,  but 
Capgemini’s  Coyle  says  they  shouldn’t  be 
discounted.  “Just  think  of  who  controls  all  the 
bandwidth,  right?  It  becomes  a  no-brainer 
then,”  Coyle  says. 

The  carriers  have  another  advantage  over 
cloud  newbies:  long-term  relationships  with 
enterprise  customers.  “When  it  comes  to  the 
cloud  sale  into  big  enterprises,  we  already  have 
a  seat  at  the  planning  table  as  a  trusted  service 
provider,”  says  Steve  Caniano,  vice  president 
of  AT&T’s  hosting  and  cloud  services. 

AT&T,  British  Telecom  and  Verizon  lead  the 
pack  of  carriers  in  the  cloud  to  some  degree,  but 
in  terms  of  building  out  reliable  IaaS-focused 
data  centers,  Verizon  is  the  most  advanced, 
Coyle  says.  He  argues  that  the  point  of  the  Ter¬ 
remark  purchase  was  not  the  extra  data  center 
footprint,  but  the  management  services  that 
Terremark  wraps  around  its  IaaS. 

Managed  services  are  where  the  real  money 
lies  for  cloud  vendors,  says  Coyle,  adding  that 
the  Amazons  of  the  world  are  driving  prices 


down  so  low  that  the  carriers  will  not  be  able 
to  compete  on  raw  compute  power  alone. 

“IaaS  companies  are  starting  to  realize 
they  have  to  offer  these  managed  services  — 
or  at  least  create  APIs  so  you  can  have  man¬ 
agement  software  plug  in  and  monitor  these 
clouds  like  you  do  your  internal  assets  —  to 
get  into  the  enterprise  and  pull  in  their  next 
level  of  business,”  Coyle  says. 

Rackspace  was  so  confident  that  custom¬ 
ers  would  be  willing  to  pay  for  these  wrap¬ 
around  services  like  application  deployment, 
deep  system  monitoring  and  unified  hybrid 
cloud  management,  that  the  company  spear¬ 
headed  the  OpenStack  project  to  make  basic 
IaaS  platforms  interoperable. 

As  vendors  try  to  hone 
their  competitive  edges, 
customers  are  finding 
that  they’re  not  limited  to 
one  IaaS  provider. 

Shelton  Shugar,  senior 
vice  president  for  SaaS  at 
CA  Technologies,  over¬ 
sees  IaaS  vendor  selec¬ 
tion.  “You  have  to  factor  in  each  IaaS’s  scale, 
global  footprint,  quality,  price  and  the  flexibil¬ 
ity  in  which  they  can  adapt  to  your  particular 
project.”  The  answers  to  those  questions  will 
vary  with  the  scope  of  each  cloud  project. 

Having  multiple  (he  advises  not  more  than 
three  or  management  becomes  a  nightmare) 
IaaS  providers  will  become  common  place, 
says  Shugar,  who  divulged  his  company  uses 
Rackspace  but  declined  to  name  the  others  in 
CA  Technologies’  multi-vendor  IaaS  strategy. 
Having  multiple  IaaS  providers  gives  CA  bet¬ 
ter  worldwide  coverage  and  a  bit  of  an  edge  in 
negotiating  favorable  terms. 

“It’s  good  to  have  a  couple  of  IaaS  provid¬ 
ers  working  for  you  to  share  the  load,”  says 
Doug  Harr,  CIO  for  Splunk,  an  ERP  software 
developer  in  San  Francisco  which  runs  all  of 
its  computer  operations  in  the  cloud. 

Harr  explains  that  Amazon  is  the  compa¬ 
ny’s  default  IaaS  provider  because  its  service 
is  so  wide  and  deep.  “But  every  project  brings 
a  new  evaluation,  so  the  choice  is  wide  open 
based  on  the  use  case,”  Harr  says. 

And  that  seems  to  be  the  prevailing  wis¬ 
dom.  Enterprises  looking  for  cloud  services 
should  check  out  the  big  names,  but  should 
also  take  a  good  hard  look  at  the  many  inno¬ 
vative  cloud  startups.  ■ 

Burns  is  a  freelance  writer  and  editor  based 
in  Carlisle,  Pa.,  who  has  more  than  15  years 
experience  covering  the  networking  industry. 
She  can  be  reached  at  cburnsl227@ 
googlemail.com. 
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Sony  Tablet™  S 

CDW 2490035 

•  NVIDIA  Tegra  2  Dual-Core  Mobile  processor 
(1GHz) 

■  WLAN;  802.11b/g/n  with  Bluetooth®  2,1  EDR 

■  16GB  flash  drive 

■  Android™  3,1  Honeycomb 

$499" 


ASUS  Eee  Slate  B121  Tablet 

CDW  2465558 

•  Intel ' Core™ i5-470UM processor  (1.33GHz) 
■  WLAN:  802.11b/g/n  with  Bluetooth*  3,0 

•  64GB  flash  memory 

•  12.1"  LED  backlit  touchscreen  display  with 
front  camera 

•  Windows®  7  Professional  64-bit 


$1499" 


Tablets.  They  let  people  take  their  work 
wherever  work  takes  them.  We  get  it 
and  partner  with  the  industry's  leading 
vendors  to  deliver  productivity  to  go. 
Our  account  managers  can  help  with 
selection,  and  our  specialists  can  do 
the  pre-imaging  and  asset  tagging  so 
you  don’t  have  to.  Together,  we  make 
sure  your  business  knows  no  bounds. 
All  you  have  to  do  is  call  or  click. 

800.399.4CDW  I  CDW.com/tablets 
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•  Powerful  dual-core  processor  with 
high-quality  front  and  rear  cameras 

■  10.1"  HD  touch-screen  display 

WLAN:  802.11a/b/g/n  with  Bluetooth  2.1  EDR 

■  32GB  flash  memory 

■  Android™  3.1  Honeycomb 

$499.99 
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ith  scores  of  new  cloud 
companies  popping  up  and  so 
many  existing  players  jump¬ 
ing  on  the  cloud  bandwagon, 
we  wondered  where  the  tradi¬ 
tional  enterprise  networking 
vendors  stood. 

Were  they  guilty  of  ‘‘cloudwashing”  —  slap¬ 
ping  the  cloud  label  on  existing  products?  Were 
they  ignoring  the  cloud  and  risking  getting  left 
in  the  dust?  Were  they  scrambling  to  reinvent 
themselves  as  cloud  -service  providers? 

Turns  out  that  companies  like  Cisco  and 
|||f|dpniper  CA  and  Citrix  are  sticking  to  their 
||||t  core  strengths  and  positioning  themselves  as 
y T  enablers  of  the  cloud,  providing  the  underly- 
’  \  ing  hardware  and  software  just  like  they've 
!J?|J-:!?eeh  doing  for  enterprise  and  service  provider 
customers  for  decades. 


CISCO 


UCS  is  key  cloud 


WebEx  is  successful  SaaS  player, 
but  Cisco’s  strategic  focus  is 
enabling  cloud  infrastructures 


The  only  place  Cisco  plays  directly  in 
the  cloud  is  in  the  SaaS  arena  with  its 
WebEx  collaboration,  video  and  telepresence 
services,  which  account  for  about  $1  billion  of 
Cisco’s  $40  billion  in  annual  revenue. 

“But  where  we’re  really  focused  on  is 
enabling  people  to  build  public  clouds,”  says 
Lew  Tucker,  Cisco’s  CTO  of  cloud  comput¬ 
ing,  using  Cisco’s  networking  know-how,  its 
reputation  in  both  the  enterprise  and  carrier 
markets,  and,  of  course,  its  gear. 


CA  TECHNOLOGIES 


Cloud  360 

Management  heavyweight 
plays  the  role  of  enabler  of 
cloud  management  services 


JL  Technologies  addresses  the  public  cloud  in  three  ways:  helping  enterprises  under- 
stand  how  to  use  it,  enabling  service  providers  to  build  it,  and  managing  customers’ 
expectations  about  how  operating  in  the  cloud  will  change  how  they  do  business. 

Using  the  public  cloud — whether  you  are  talking  about  IaaS,  PaaS  or  SaaS  —  requires  discipline, 
says  Andi  Mann,  CA  Technologies  vice  president  of  enterprise  and  cloud  solutions.  “You  can’t  just 
throw  mission  critical  applications  with  personally  identifiable  information  up  there  because  you 
are  going  to  run  into  compliance,  security,  privacy,  licensing  and  performance  issues.” 

To  help  customers  determine  the  right  applications  and  the  right  timing,  CA  wraps  consult¬ 
ing  services  around  several  of  its  portfolio,  project  and  capacity  planning,  and  design  and  mod¬ 
eling  tools  in  a  program  called  Cloud  360. 

The  two  main  products  are  AppLogic,  which  enables  IT  departments  and  service  providers  to 
rapidly  build  and  deploy  cloud  applications,  and  Automation  Suite  for  Cloud,  a  cloud  manage¬ 
ment  suite  that  offers  application  deployment  and  workload  management  and  provides  a  single 
interface  for  controlling  both  private-cloud  and  public-cloud  resources. 

“This  gives  service  providers  the  turnkey  underpinning  they  need  to  build  out  a  public  cloud 
service  that  can  compete  with  the  Amazons  and  the  Rackspaces,  but  with  the  security,  auditing 
and  reliability  in  place  to  attract  the  more  conservative  enterprise  customers,”  Mann  says. 

On  a  more  general  level,  Mann  argues  that  all  of  CA’s  infrastructure,  application  and  security 
management  tools  can  be  used  to  allow  an  enterprise  to  closely  monitor  its  activity  in  the  cloud 
and  the  data  collected  can  be  used  to  help  it  transform  how  it  does  business  there. 

“If  a  business  unit  is  now  responsible  for  allocating  its  own  IT  consumption,  they  had  better 
have  a  good  handle  on  what  they  are  paying  for,”  Mann  says. 
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Using  the  public  cloud  —  whether  you  are  talking 
about  IaaS,  PaaS  or  SaaS  -  requires  discipline." 


ANDI  MANN,  VICE  PRESIDENT  OF  ENTERPRISE  AND  CLOUD  SOLUTIONS,  CA 


“But  we  also  know  that  it’s  not  easy  to 
stand  up  a  cloud,”  says  Tucker,  who  was 
hired  14  months  ago  to  develop  Cisco’s  cloud 
strategy.  Before  coming  to  Cisco,  Tucker  was 
first  vice  president  at  Salesforce.com  where 
he  oversaw  the  development  of  AppEx- 
change.  And  then  he  served  as  CTO  at  Sun 
where  he  was  responsible  for  building  Sun 
Cloud,  an  early  IaaS  platform  targeting  Java 
developers. 

“While  there  are  many  different  clouds 
out  there,  there  is  an  underlying  cloud 
model  that  we  all  adhere  to.  We  want  the 
cloud  infrastructure  to  have  a  pool  of  server, 
networking  and  storage  resources  that  we 
virtualize  and  turn  into  a  service  for  applica¬ 
tions  to  take  advantage  of,”  Tucker  says. 

At  the  center  of  Cisco’s  cloud  enablement 
strategy  is  its  Unified  Computing  System 
(UCS),  which  is  an  enterprise-class  blade- 
based  platform  that  tightly  integrates  server 
and  networking  functions.  Cisco  introduced 


UCS  in  2009.  Tucker  qualifies  UCS  sales  as 
“very  successful”  and  industry  reports  say 
that  as  of  August  there  were  7,400  UCS  cus¬ 
tomers,  2,000  of  which  were  added  in  the 
previous  quarter. 

Cisco  is  attacking  cloud  from  another  angle 
with  its  strategic  partnership  with  EMC, 
VMware  and  Intel  in  a  joint  venture  called 
the  Virtual  Computing  Environment  (VCE) 
Company.  This  is  a  way  to  give  cloud  provid¬ 
ers  an  integrated  infrastructure  platform 
that  will  greatly  speed  up  their  time  to  mar¬ 
ket.  VCE  is  headquartered  in  Dallas  and  sells 
its  products  as  pre-integrated  sets  of  Cisco 
switching  and  UCS  servers,  EMC  storage, 


and  virtualization  provided  by  VMware. 

Cisco  is  also  throwing  its  weight  behind 
OpenStack,  the  open  source  cloud  comput¬ 
ing  effort  originally  spurred  by  Rackspace. 
Tucker  says  Cisco  is  working  with  14  other 
vendors  to  define  a  virtualized  networking 
service  called  Quantum  to  help  develop¬ 
ers  write  applications  that  can  inherently 
take  advantage  of  more  interesting  net¬ 
work  topologies  and  embedded  network 
services. 

“Essentially,  we  want  developers  to  be 
able  to  spin  up  isolated  virtualized  L2  net¬ 
works  just  as  if  they  were  spinning  up  vir¬ 
tual  machines,”  Tucker  says. 


MBut  where  we’re  really  focused  on  is 

enabling  people  to  build  public  clouds." 

LEW  TUCKER,  CTO  OF  CLOUD  COMPUTING,  CISCO 
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CITRIX 


Virtualization  and  orchestration  layers 

CloudStack  helps  companies  deploy  and  manage  virtual  machines 


|  p  Citrix’s  XenServer  virtualization  plat- 
I  r  form  is  the  body  of  what  the  company 
has  to  offer  to  service  providers  and  enter¬ 
prises  looking  to  build  and  tap  into  the  public 
cloud,  then  CloudStack  is  the  brains. 

CloudStack  is  the  Java-based  open  source 
cloud  orchestration  software  Citrix  picked  up 
with  its  recent  acquisition  of  Cloud.com.  It  is 
designed  to  ease  the  administrative  hassles 
associated  with  deploying  and  managing  large 
networks  of  virtual  machines. 

About  80%  of  Cloud.com’s  customers 
were  already  using  XenServer,  “so  those  two 
layers  have  been  working  together  for  a  very 
long  time,”  says  Sameer  Dholakia,  group  vice 
president  and  general  manager  for  the  cloud 
platforms  group  at  Citrix.  That  said,  Cloud¬ 
Stack  can  also  manage  Linux  KVM,  VMware’s 
vSphere  and  Oracle’s  Oracle  VM,  as  well  as 
handle  bare-metal  provisioning.  Support  for 
Microsoft’s  Hyper-V  is  slated  next  year. 

“It  is  core  to  our  strategy  not  to  create  [ven¬ 
dor]  lock-in  at  any  layer  in  the  stack,”  adds 
Dholakia. 


More  than  70%  of  Citrix’s  cloud-building 
business  is  done  with  telcos  that  see  Ama¬ 
zon  as  a  threat  to  their  traditional  revenue 
stream. 

“Many  of  the  service  providers  we  are 
working  with  are  building  multiple  cloud 
offerings  built  on  different  virtual  infrastruc¬ 
tures  for  a  variety  of  timing  and  cost  reasons 
and  they  are  using  CloudStack  to  manage 
them  all,”  Dholakia  says. 

There  are  cost  reasons  for  having  multiple 
virtualization  platforms  as  a  cloud  provider, 
but  there  “really  is  no  reason  why  you’d  want 
to  maintain  two,  separate  orchestration  layers 
to  manage  them,”  Dholakia  says. 

One  layer  up  in  Citrix’s  cloud  enablement 


stack  is  CloudPortal,  which  is  a  suite  of  tools 
that  enables  a  service  provider  to  set  up  the 
business  processes  involved  in  running 
a  public  cloud.  It  provides  things  like  on- 
boarding,  account  management,  billing  and 
self-service  provisioning. 

For  enterprises  who  want  on-premise 
“public-like”  cloud  services  behind  their 
own  firewall,  Citrix’s  strategy  hinges  on  the 
possibility  of  hybrid  management.  Through 
a  combination  of  XenServer  and  CloudStack, 
customers  could  set  up  “cloud  zones”  within 
the  same  management  interface.  These  cloud 
zones  would  have  to  be  connected  via  another 
Citrix  product  called  Cloud  Bridge,  which 
runs  on  top  of  the  company’s  line  of  NetScaler 
VPN  appliances. 

“This  is  still  a  very  early  use  case  of  our 
products.  Most  customers  are  really  think¬ 
ing  about  one  side  of  the  wire  or  the  other,” 
Dholakia  says.  But  he  contends  the  wind  is 
definitely  blowing  public  clouds  into  the 
enterprise  landscape. 


f  . ,  It  is  core  to  our  strategy  not  to  create 
,>!  ■  [vendor]  lock-in  at  any  layer  in  the  stack.” 

SAMEER  DHOLAKIA,  GROUP  VICE  PRESIDENT  AND  GENERAL 
MANAGER  FORTHE  CLOUD  PLATFORMS  GROUP  AT  CITRIX 


JUNIPER 

High-performance 
cloud  fabric 

Also,  company  has  security  tools 
and  management  software 

min 

Juniper  has  a  three-pronged  cloud  strat¬ 
egy  that  includes  selling  networking  gear 
into  the  data  centers  of  most  major  IaaS  play¬ 
ers,  providing  secure  connections  between 
virtual  data  centers  and  cloud  customers,  and 
orchestrating  how  virtualized  resources  get 
allocated  to  cloud  application  services. 

The  cornerstone  of  Juniper’s  cloud  effort 
is  QFabric,  says  Mike  Marcellin,  vice  presi¬ 
dent  of  strategy  and  marketing  for  Juniper’s 
Platform  Systems  Group.  QFabric  is  a  new 
switching  architecture  announced  in  March 
that  creates  a  single  logical  switch  connecting 
the  entire  data  center.  It  replaces  Spanning 


Tree,  which  links  access,  aggregation  and  core 
switches.  By  flattening  the  three-tier  network, 
QFabric  reduces  latency  in  the  data  center. 

QFabric  is  also  a  product  line  comprising 
the  QF  Director  management  platform;  the 
QF  Interconnect  chassis,  which  is  the  logical 
switch  fabric;  and  the  QFX3500  node,  a  10G 
top-of-rack  switch  that  supplies  high-density 
ingress  and  egress  ports. 

“Juniper  has  made  its  mark  in  leading  in 
scale  and  performance.  We’ve  massively 
rethought  how  high  data  center  networking 
happens  and  QFabric  is  how  we  are  address¬ 
ing  performance  there,”  Marcellin  says. 

On  the  security  front,  Juniper  has  a 
strong  presence  in  the  data  center  with  its 
line  of  high-end  SRX  line  of  firewalls.  Also, 
the  company  —  by  way  of  the  acquisition  of 
Altor  Networks  late  in  2010  —  now  has  a 
line  of  virtual  network  firewalls,  the  Virtual 
Gateway  (vGW)  series. 

“For  our  customers  who  are  trying  to  build 
out  a  cloud  infrastructure,  having  a  fire¬ 
wall  sitting  inside  the  hypervisor  helps  our 


customers  round  out  their  security  story,” 
Marcellin  says. 

One  of  the  biggest  issues  facing  IaaS  ven¬ 
dors,  contends  Marcellin,  is  how  to  efficiently 
orchestrate  the  delivery  of  infrastructure  ser¬ 
vices  to  the  apps  running  in  the  cloud. 

For  all  the  elements  that  Juniper  provides, 
the  company  has  tried  to  make  them  man¬ 
ageable  via  Junos  Space,  an  open  software 
platform  that  allows  customers,  partners, 
and  developers  to  build  and  deploy  apps  that 
manage  and  analyze  Juniper-provided  net¬ 
work  infrastructure. 

“Think  about  an  application  that  will  let 
you  configure  many,  many  switches  in  an 
automated  way.  Oran  application  that  lets  you 
configure  hundreds  of  virtual  firewalls  in  an 
automated  way,”  Marcellin  says. 

These  tasks  may  sound  pretty  basic, 
Marcellin  says,  “but  having  a  platform  that 
enables  this  level  of  automated  management 
will  help  Juniper  customers  avoid  configura¬ 
tion  errors  in  massive  data  centers  support¬ 
ing  a  public  cloud.”  ■ 
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CO~  emissions 
monitoring: 

Reduce  environmental  impact 
through  increased  understanding 
of  COi  emissions 


Risk 

assessment: 

Identify  and  proactively 
manage  threats  to  availability 
(e.g.,  aging  batteries) 


Download  White  Paper  #24  "Effect  of  UPS  on  System 
Availability"  and  register  to  WIN  APC  Smart-UPS 
1500VA  Rack/Tower  LCD  120V,  a  $779  value! 

Visit  www.apc.com/promo  Key  Code  j633v  Call  888-289-APCC  x6330 


by  Schneider  Electt 


©201 1  Schneider  Electric.  All  Rights  Reserved.  Schneider  Electric,  APC.  Smart-UPS,  PowerChute,  and  Legendary  Reliability  are  trademarks  owned  by  Schneider  Electric  Industries  SAS  or  its  affiliated  companies, 
e-mail:  esupport@apc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  •  998-4 144_US 


Now,  manage  both  your  UPS 
and  your  energy  proactively. 


Energy  usage  and 
energy  cost  reporting: 

Save  energy  and  money  by 
tracking  energy  usage  and 
costs  over  time 


Only  APC  Smart-UPS  saves  money  and 
without  sacrificing  availability. 


energy 


Today’s  more  sophisticated  server  and  networking  technologies  require  higher  availability. 
That  means  you  need  more  sophisticated  power  protection  to  keep  your  business  up 
and  running  at  all  times.  But  that’s  not  all.  In  today’s  economy,  your  UPS  must  safeguard 
both  your  uptime  and  your  bottom  line.  Only  APC  by  Schneider  Electric™  helps  you 
meet  both  of  these  pressing  needs.  Specifically,  the  APC  Smart-UPS™  family  now 
boasts  models  with  advanced  management  capabilities,  including  the  ability  to  manage 
your  energy  in  server  rooms,  retail  stores,  branch  offices,  network  closets,  and  other 
distributed  environments. 

Intelligent  UPS  management  software 

PowerChute™  Business  Edition,  which  comes  standard  with  Smart-UPS  5  kVA  and 
below,  enables  energy  usage  and  energy  cost  reporting  so  you  can  save  energy  and 
money  by  tracking  energy  usage  and  costs  over  time;  CO2  emissions  monitoring  to 
reduce  environmental  impact  through  increased  understanding;  and  risk  assessment 
reporting  so  you  can  identify  and  proactively  manage  threats  to  availability  (e.g.,  aging 
batteries). 

Best-in-class  UPS 

Our  intelligent,  interactive,  energy-saving  APC  Smart-UPS  represents  the  combination  of 
more  than  25  years  of  Legendary  Reliability™  with  the  latest  in  UPS  technology  including 
an  easy-to-read,  interactive,  alphanumeric  LCD  display  to  keep  you  informed  of  important 
status,  configuration,  and  diagnostic  information,  a  unique  battery  life  expectancy 
predictor,  and  energy-saving  design  features,  like  a  patent-pending  “green”  mode. 

Now,  more  than  ever,  every  cost  matters  and  performance  is  critical.  That's  why 
you  should  insist  on  the  more  intelligent,  more  intuitive  APC  Smart-UPS. 


Energy  savings 

A  patent-pending  "green"  mode  achieves 
online  efficiencies  greater  than  97 
percent,  reducing  heat  loss  and  utility 
costs. 


Why  Smart-UPS  is  a 

smarter  solution 


Intuitive  alphanumeric  display 

Get  detailed  UPS  and  power  quality 
information  at  a  glance  -  including 
status,  about,  and  diagnostic  log  menus 
in  up  to  five  languages. 


Configurable  interface 

Set  up  and  control  key  UPS  parameters 
and  functions  using  the  intuitive 
navigation  keys. 

On  rack/tower  convertible  models, 
the  display  rotates  90  degrees  for  easy 
viewing. 
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A  simple  phone  call  provides 
better  two-factor  authentication. 


Don’t  settle  for  security  tokens. 


BECAUSE  PASSWORDS 
JUST  AREN’T  ENOUGH 


►  PhoneFactor 

www.phonefactor.com  |  1.877.NoToken 


Download  a  free  whitepaper  at:  phonefactor.com/notokens. 


Superior  User  Experience 

Users  simply  respond  to  an  automated  phone  call  or 
text  message  from  PhoneFactor  to  confirm  account 
logins  or  verify  transactions. 

Significantly  Less  Expensive 
With  no  devices  to  provision,  ship,  replace,  renew,  or 
support,  PhoneFactor  costs  an  average  of  50%  less 
than  security  tokens. 

Stronger  Out-of-Band  Security 
Security  tokens  are  vulnerable  to  malware  and 
man-in-the-middle  attacks.  PhoneFactor’s  out-of-band 
architecture  protects  against  these  attacks. 


User  ID:  m smith 
Password:  . .  • 


Authenticating... 
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Copper 


Fiber 
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□  M3 10G  MPD 


Still  patching  the  server  clusters  one  port  at  a  time? 

That's  so  90s.  At  Cablesys,  we  pre-terminate,  pre-bundle,  pre-label,  pre-kit  and  pre-everything  for 
you.  All  you  need  to  do  is  take  it  out  of  the  box  and  lay  down  the  cable  bundles.  We  work  on  Copper 
Cat5e,  CatG,  CatGA  or  fiber  LC,  MPD,  0M3  and  more.  Our  job  is  to  make  your  job  easier  and  best  of 
all.  it  cost  much  less  than  you  think.  Curious?  Give  your  dedicated  sales  rep  a  call. 
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The  Smart  Choice  for  Text  Retrieval9  since  1991 


Instantly  Search  Terabytes  of  Text 

With  dtSearch:  "Endless  indexing  is  now  a  breeze"  -  Computerworld 

"Impressive  searching  power ...  handles  more  than  a  terabyte  of  text  in  a 
single  index"  -  Network  World 

"Lightning  fast ...  performance  was  unmatched”  -  Redmond  Magazine 
For  hundreds  more  reviews  &  developer  case  studies,  see  www.dtSearch.com 


Highlights  hits  in  a  wide  range  of  data,  using 
dtSearch's  own  file  parsers  and  converters 

•  Supports  MS  Office  through  2010,  OpenOffice,  ZIP,  HTML, 
XML/XSL,  PDF  and  more 

•  Supports  popular  email  formats,  including  nested  and 
ZIP  attachments 

•  Spider  supports  static  and  dynamic  web  data 
•API  for  SQL-type  data,  including  BLOB  data 

25+  full-text  and  fielded  data  search  options 

•  Federated  searching;  advanced  data  classification  objects 


dtSearcK 


APIs  for  C++,  Java  and  .NET  through  4.x 

•  Native  64-bit  and  32-bit  Win  /  Linux  APIs;  .NET  Spider  API 

•  Content  extraction  only  licenses  available 


Desktop  with  Spider  Publish  (portable  media)  Engine  for  Win  &  .NET 


Network  with  Spider  Web  with  Spider 


Engine  for  Linux 


Ask  about  fully-functional  evaluations! 

www.dtSearch.com  i-soo-it-finds 
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Now  with 

Wireless 
, Sensors , 


Sensaphone  Remote  Monitoring  Products 

use  redundant  communication  paths ,  built  in  battery 
backup,  and  supervised  sensors  to  make  sure  that  when 
something  goes  wrong  in  your  computer  room 
you  qet  the  messaqe.  . - 


Notification  Via: 

•  Voice  Phone  Call 

•  Text  Message 

•  Pager 


•  E-Mail 

•  SNMP  Trap 

•  Fax 


SENSAPHONE  ^ 


Get  your  FREE  application  guide  now 


SENSAPHONE  I  877-373-2700  rs- 

www.sensaphone.com  ‘ 


REMOTE  MONITORING  SOLUTIONS 


Introducing 

Sentry  Power  Manager  5.0 
One  unbelievable  solution. 


It's  like  no  other  rack-level  data  center 
o  power  management  system. 

prehensive  and  V  ^  each  location  -  as  much  or  as  little  as  you 
in  to  measure,  monitor  want  to  see. 

?wer  at  the  rack  level.  „  Spot  problems  faster.  Improve  uptime. 

rtionahty.  Unbelievably  Make  your  life  simpler- 

tical  data  you  need  to  .  .  .  r  , 

A  single  pane  of  qlass  view  to  manaqe 
easions  about  your  »  D  Ps  M  «  3fd  « 

y  efficiency.  -  -  -  fAPC,  Raritan,  Geist;,  -P~y' 

‘I  data  center  -  ~  ~  ^  ~  ^ 

Middleware  or  stand-alone  flexibility. 

ice  makes  it  easy  to  SPM's  Application  Programming 
:ustomizable  network  Interface  (API)  makes  it  the  perfect 
•  (NOC)  views.  An  middleware  partner.  Or,  it's  a  stand-alone 

ch  cabinet  power  w  power  monitoring  workhorse.  Find 
SDU),  each  cabinet,  -  out  more  today. 


Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

www.servertech.com 

1-800-835-1515 


©  201 1  Server  Technology,  Inc.  Sentry  and  Sentry  Power  Manager  are  trademarks  of  Server  Technology,  Inc. 
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Custom  Solutions 

EASTERN  SALES  DIRECTOR:  Brett  Ferry,  (508)  988-6941 
WESTERN  SALES  DIRECTOR:  Karen  Wilde,  (415)  267-4512 

■  Event  Sales 

DEMO 

SVP,  DEMO:  Neal  Silverman,  (508)  766-5463 

IT  Roadmap 

ACCOUNT  DIRECTOR,  EVENT  SALES,  WESTERN  REGION: 

Brian  Klunk,  (415)  267-4514 

ACCOUNT  DIRECTOR,  EVENT  SALES,  EASTERN  REGION: 

Michael  McGoldrick,  (508)  766-5459 
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How  stupid  can  cell  carriers  be?  Really  stupid 


THE  RECENT  revelation  that  most  of  us  are 
carrying  around  smartphones  with  embed¬ 
ded  rootkits  is  both  surprising  and  not  so 
surprising.  It’s  surprising  because  it  makes  you  wonder,  “How  stupid 
can  the  carriers  be?”  It’s  not  surprising  because  we  already  know  the 
answer  to  that. 

Here’s  what  the  furor  is  all  about:  Back  in  March  an  Android  soft¬ 
ware  developer  using  the  alias  “kOnane”  noticed  something  odd:  His 
Sprint-supplied  Samsung  smartphone  included  some  fairly  well-hid¬ 
den  software  which  was  always  started  when  the  device  was  booted 
and  was  always  running.  Moreover,  it  was  hard  to  stop  the  code. 

A  bit  more  sleuthing  revealed  that  the  software  is  called  Carrier  IQ 
(supplied  by  a  company  of  the  same  name)  and  is  intended  to  provide 
wireless  service  providers  with  data  about  the  performance  of  smart¬ 
phones  for  planning  and  diagnostic  purposes.  Unfortunately,  the 
depth  of  Carrier  IQ’s  data  collection  isn’t  restricted  to  stuff  that  cell  car¬ 
riers  could  reasonably  want  to  know.  Oh  no.  The  software  can  collect 
much  more  and  relay  it  back  to  the  Carrier  IQ  mothership. 

In  other  words,  this  software  is  an  out-and-out  rootkit,  a  hidden 
piece  of  code  designed  to  be  hidden  and  capable  of  monitoring  every¬ 
thing  that  happens  on  a  smartphone,  including  tracking  which  appli¬ 
cations  are  run  and  for  how  long,  as  well  as  logging  texts  and  email 
sent,  numbers  dialed,  XML  data  read,  Web  pages  loaded . . .  you  name 
it.  Carrier  IQ  can  detect  and  log  it. 

Over  the  following  months  people  started  to  examine  Carrier  IQ  in 
greater  depth  and  discovered  that  its  implementation  was  designed  to 
be  stealthy  and  that  each  vendor  had  customized  the  implementation 


on  its  own  devices.  As  for  what  data  was  collected,  that  was  driven  by 
the  carrier  sending  commands  remotely  to  the  devices! 

If  you  are  running  enterprise  IT  and  care  about  security  and  pri¬ 
vacy,  the  revelation  that  all  of  your  smartphones  are  effectively  loaded 
with  an  all-powerful,  vendor-sanctioned  rootkits  has  got  to  be  pretty 
sobering.  Not  only  has  your  carrier  intentionally  included  a  backdoor 
without  telling  you,  but  it’s  also  created  the  potential  for  an  entry  point 
for  hackers  and  malware  that  could  capitalize  on  the  logging  services. 

While  collecting  performance  data  makes  sense  for  carriers,  it’s  the 
scope  of  the  data  that  can  be  acquired  that  has  everyone  so  spun,  and 
—  and  this  is  the  biggie  —  the  fact  that  you  have  not  given  your  consent 
for  this  data  to  be  collected! 

What  is  the  legal  risk  to  all  of  the  carriers  that  have  deployed  this 
software?  They  are  guilty  of  the  federal  crime  of  unauthorized  wiretap¬ 
ping  and  violation  of  privacy! 

The  enormity  of  this  whole  mess  is  just  starting  to  come  clear  as  the 
list  of  devices  Carrier  IQ  can  be  found  embedded  on  includes  prod¬ 
ucts  from  Samsung,  HTC,  Nokia  and  RIM.  According  to  the  Carrier 
IQ  website,  something  north  of  141  million  smartphones  are  running 
their  software!  Can  you  say  “class  action”? 

When  there’s  such  minimal  real  competition  in  the  service  provider 
market  and  such  minimal  external  oversight  on  what  the  carriers  can 
do,  this  is  what  happens.  Anyone  who  thinks  that  the  carriers  don’t 
need  regulation  and  that  the  “free  market”  organically  solves  these 
kinds  of  problems  is  living  in  a  dream  world.  8 

Gibbs  has  his  data  collected  in  Ventura,  Calif.,  (backspin@gibbs.com). 
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Don’t  expect  Woz  to  bid  on  this  Apple  contract 


NEWS  LAST  week  that  Sotheby’s  will  auc¬ 
tion  off  “The  Contract  That  Founded  Apple” 
—  a  partnership  signed  April  1, 1976,  by  the 
late  Steve  Jobs,  Steve  Wozniak  and  Ron  Wayne  —  no  doubt  caught  the 
eye  of  techie  collectors  and  even  sparked  speculation  that  Apple  might 
buy  the  document. 

Sotheby’s  expects  the  Dec.  13  auction  to  fetch  up  to  $150,000. 

We’ll  see  about  that,  but  don’t  expect  Wozniak  to  be  among  bidders, 
because,  well,  he  believes  this  contract  is  kind  of  overrated. 

He  doesn’t  doubt  its  authenticity,  mind  you.  He  does,  however,  ques¬ 
tion  the  historical  significance  that  has  been  attached  to  its  signing,  as  I 
learned  through  an  email  exchange  with  him  back  in  the  spring. 

In  a  nutshell,  I  had  caught  wind  of  the  fact  that  Woz  has  long  doubted 
the  almost  universally  accepted  story  that  Apple  was  founded  on  April 
Fools’  Day  in  1976.  Unable  to  find  documentation  of  that  fact  online 
myself,  I  turned  to  Owen  Linzmayer,  author  of  “Apple  Confidential  2.0” 
by  No  Starch  Press,  who  quickly  found  a  copy  in  his  files  of  the  very 
contract  that  is  about  to  go  on  the  auction  block. 

It  is  indeed  dated  April  1, 1976,  and  is  indeed  signed  by  Jobs,  Wozniak 
and  Wayne. 

When  I  sent  Woz  a  copy  of  my  copy,  I  figured  that  would  be  the  end 
of  the  discussion.  It  was  not.  He  replied: 

‘  This  was  the  partnership  formed  to  produce  a  PC  board  for  the 
Apple  1.’  It  was  actually  a  different  company  than  the  one  that  got 
financed  and  produced  the  Apple  II.  This  one  was  a  partnership.  The 
real  company  was  a  corporation.  So  it’s  a  bit  murky.” 

Linzmayer  begged  to  differ,  having  this  to  say  about  Woz’s  reading: 


“Seems  like  splitting  hairs  to  claim  that  the  Jobs/Woz/Wayne  part¬ 
nership  that  produced  the  Apple  I  isn’t  the  same  company  that  Jobs/ 
Woz  and  [early  investor/CEO  Mike]  Markkula  incorporated  shortly 
thereafter.  Two  of  the  founders  are  the  same,  the  industry  is  the  same, 
the  companies  share  the  same  name,  and  the  products  are  the  Apple  I 
and  Apple  II.  Technically  Woz  is  correct  in  that  Apple  Computer  the 
partnership  isn’t  the  same  legal  entity  as  Apple  Computer  Inc.,  but  to 
call  it  murky  is  stretching  it.” 

Personally,  I  still  find  Linzmayer’s  assessment  more  compelling 
than  Wozniak’s,  even  though  that  requires  discounting  the  fact  that 
Woz  was  there  and  Linzmayer  wasn’t. 

Nevertheless,  if  I  was  ponying  up  $150,000  for  “The  Contract  That 
Founded  Apple,”  I’d  at  least  want  to  know  that  one  of  Apple’s  founders 
harbors  such  doubts  about  its  historical  stature. 

They’re  never  too  young  to  learn  about  passwords 

That  the  little  girl  had  a  netbook  was  slightly  surprising,  given  that 
she  couldn’t  have  been  older  than  7  or  8.  But  her  conversation  with  her 
Mom  about  the  machine  —  overheard  at  my  son’s  basketball  practice 
last  week  —  wasn’t  surprising  at  all,  unfortunately. 

“Mommy,  my  password  isn’t  working.”  (Hands  netbook  to  Mom.) 
“What’s  your  password  again,  sweetie?” 

“Password.” 

How  I  managed  to  resist  the  face-palm  remains  a  mystery.  8 

Please  send  your  long-lost  Apple  documents  and  password  tales  to 
buzz@nww.com. 
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Thinking 

about 
migrating 

to  System  z? 

You’re  in 
good 
company. 


Since  the  start  of  2010,  more  than  250  companies  around  the  world  have 
migrated  workloads  (including  Oracle  workloads)  to  System  z?  Why?  Maybe 
it's  the  savings  (up  to  50%  on  applicable  IT  costs).  Or  the  top-rated  EAL5 
security  classification.  Or  because  it  delivers  up  to  99.999%  availability  and 
uptime.  Or  maybe  it’s  an  even  better  reason:  all  of  the  above. 


ibm.com/facts 


IT  COST  SAVINGS  reflect  overall  reductions  in  software  and/or  hardware  maintenance  charges  and  reduced  costs  of  system  and  workload  management  over  a  period  of  3-5  years,  when 
consolidating  workloads  from  other  systems  to  a  virtualized  Linux  environment  on  System  z.  AVAILABILITY  percentage  is  based  on  System  z  servers  in  a  Parallel  Sysplex  environment,  assuming 
application  data  sharing  across  multiple  servers  Actual  environmental  costs  and  performance  characteristics  will  vary  depending  on  individual  client  configurations  and  conditions  Contact 
IBM  to  see  what  we  can  do  for  you.  Current  as  of  7/7/2011.  IBM,  the  IBM  logo,  ibm.com,  System  z,  Smarter  Planet  and  the  planet  icon  are  trademarks  of  International  Business  Machines  Corp, 
registered  in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at 
wwwibmcom/legal/copytradeshtml.  ©  International  Business  Machines  Corporation  2011. 
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your  move  to  the  cloud,  virtualization, 
and  big  everything  with 
HP  Converged  Storage. 


Reduce  cost  and  speed  deployment  with  the 
power  of  server  and  storage  convergence. 


With  HP  storage,  you  can: 

•  Get  your  storage  up  and  running  up  to  40%  faster 

•  Reduce  administration  time  by  up  to  90%* 


Whether  you're  deploying  a  cloud,  virtualizing  your  data 
center,  modernizing  your  applications,  or  preparing  to 
deal  more  efficiently  with  data  archiving,  be  prepared 
for  what's  next  with  HP  Converged  Storage— storage 
without  boundaries. 


See  how  HP  storage  can  eliminate  boundaries  between 
storage  and  the  rest  of  IT.  Watch  the  video  now  at 

hp.com/storage/3CI 


Or,  scan  this  QR  code 
with  your  mobile  device 


HP  Converged  Storage  solutions  powered 
by  Intel®  Xeon®  processors 


*  For  qjmjt  5  on  claim  substantiations, 
visifhpcom/ storage/3CI 
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